Quick Answer: To audit app permissions on Android, open Settings, tap Security & privacy > Privacy > Privacy dashboard to see which apps recently used your camera, microphone, and location, then go to Privacy > Permission manager to review and revoke access permission by permission. On a Samsung Galaxy the path is Settings > Security and privacy, where you will find both the dashboard and the Permission manager.
Beyond software permissions, a simple physical backup for the camera is a cheap slide cover such as this 10-pack of camera cover slides. It blocks the lens when you are not using it, so nothing can quietly watch even if a permission slips through.
At Infurpose we cover the small, repeatable habits that keep a phone private, and auditing your Android app permissions is one of the highest-value ten minutes you can spend, using tools Google already built into your phone with no downloads required. When I ran this on my own Android last month, the surprise was not some shady app, it was a weather widget quietly holding “precise location” and “all the time” access since the day I installed it. That is exactly what this audit catches.
Your 10-minute app permission audit checklist
Work through these steps in order to review every sensitive permission on your phone in about ten minutes.
- Minute 0-2: Open Settings > Security & privacy > Privacy > Privacy dashboard and scan which apps used your location, camera, and microphone in the last 7 days.
- Minute 2-5: Open the Permission manager and check the big three first, Location, Camera, and Microphone, revoking anything that does not need them.
- Minute 5-7: In the Permission manager, review Contacts, Files/Photos, Nearby devices, and Phone/SMS, which leak more than people expect.
- Minute 7-8: Tap into any location-hungry app and turn off “Use precise location” unless it needs it.
- Minute 8-9: Confirm “Pause app activity if unused” is on so unused apps auto-reset permissions.
- Minute 9-10: Check your Google Account at myaccount.google.com to see which third-party apps still have access.
Start with the Privacy dashboard to see who used what
The Privacy dashboard is the best place to begin because it shows what apps actually did, not just what they are allowed to do. On a Pixel or stock Android 12 and up, go to Settings > Security & privacy > Privacy > Privacy dashboard (you may need to tap Privacy a second time). It shows a timeline of every time an app accessed your camera, microphone, location, and other sensitive permissions, covering the last 7 days on Android 13 and later, or the last 24 hours on Android 12.
From experience: on my wife's Android, the one that surprised me was the Google app showing active microphone access in the background when she was not even using Assistant. The frustrating part — and it is the top complaint on Reddit too — is that Android tells you which app used the mic, but not what actually triggered it.
This is the differentiator most guides skip: instead of guessing, you get evidence. If a photo-editing app pinged your microphone at 3 a.m., or a game accessed your location dozens of times, you will see it here. Tap any permission, such as Location, to see every app that used it and how often, then jump into an app to change its access. Our Android privacy settings guide is a useful companion here.
On a Samsung Galaxy running One UI, the equivalent lives under Settings > Security and privacy, where the top of the screen shows a dashboard with recent permission activity.
Open the Permission manager and review by permission type
The Permission manager is where you make changes, organized by permission rather than by app. On stock Android and Pixel, go to Settings > Security & privacy > Privacy > Permission manager. On Samsung One UI, go to Settings > Security and privacy > Permission manager (scroll down to find it). You will see permission categories, each showing how many apps are allowed. Work through the sensitive ones in the order below: tap a category, look at the “Allowed” list, and ask whether each app genuinely needs that access.
| Permission | What to watch for |
|---|---|
| Location | Apps set to “Allow all the time.” Most only need “while using the app,” or nothing at all. |
| Camera | Keyboards, note apps, or utilities that have no reason to see through your lens. |
| Microphone | Games and shopping apps holding mic access they never use. |
| Contacts | Social and dating apps that harvest your whole address book on sign-up. |
| Files and media (Photos) | Apps with access to all photos when they only ever needed one upload. |
| Nearby devices | Apps that can scan for and connect to devices around you. |
| Phone and SMS | Anything non-essential, this access can expose call logs and messages. |
To revoke a permission, tap the app inside a category and choose Don’t allow. Nothing breaks permanently, if the app truly needs the access later it will simply ask again, and that “ask every time” behavior is your friend during an audit.
Fix precise vs approximate location, the setting most people miss
Precise location gives an app your exact GPS position, while approximate location only narrows you to a neighborhood or city block, and most apps do not need the exact version. When you tap into the location permission for a specific app, look for the Use precise location toggle and turn it off for anything that does not require pinpoint accuracy. A weather, news, or shopping app works fine with approximate location.
This one toggle is a meaningful privacy win, because precise location is what lets advertisers and data brokers track your exact movements. Combined with setting location to “Allow only while using the app,” it cuts what an app can learn about where you live, work, and travel. If you worry someone is following you, our guide on whether your phone is being tracked goes deeper.
Turn on auto-reset so unused apps lose their permissions
Android can automatically strip permissions from apps you have not opened in a while, so make sure it is switched on. On Pixel and stock Android, open Settings > Apps, select an app, and under “Unused app settings” enable Pause app activity if unused. Then if you go months without opening it, Android revokes its permissions and stops its background activity. Newer installs usually have this on by default, but older apps carried over from previous phones often do not.
This matters because the riskiest apps are frequently the ones you forgot you had. A two-year-old shopping app sitting with contacts and location access is a liability with zero benefit, and auto-reset closes that gap for you. On Samsung, the same control appears on each app’s info screen under the unused-app settings.
Finish with a quick Google Account permissions check
App permissions are only half the picture, your Google Account also grants data access to third-party apps and sites you signed into with “Sign in with Google.” Go to myaccount.google.com, tap Security, then scroll to Your connections to third-party apps & services and remove anything you no longer use, especially old apps with access to your Gmail, Drive, or contacts.
This is a genuinely overlooked step: you might revoke a fitness app’s on-device permissions while it still has cloud access to your Google data through an old connection, so cleaning both sides completes the audit. While you are there, confirm two-factor authentication is on, which we walk through in our guide to securing your phone accounts with 2FA.
A note on Android versions and Samsung vs Pixel
The exact wording and menu path shift depending on your Android version and phone maker, so treat the paths above as a map rather than a rigid script. The Privacy dashboard requires Android 12 or newer; if you do not see it, your phone is older and you will use the Permission manager alone. Pixel and other stock-Android devices use Security & privacy > Privacy, while Samsung Galaxy phones on One UI put everything under Security and privacy and sometimes tuck Google’s tools inside a More privacy settings submenu. The controls are the same; only the labels differ.
Frequently Asked Questions
How do I check app permissions on Android?
Open Settings, then tap Security & privacy > Privacy > Permission manager to see every permission grouped by type, such as Location, Camera, and Microphone. Tap any category to view which apps have access and change it. On a Samsung Galaxy, the path is Settings > Security and privacy > Permission manager.
Where is the Privacy dashboard on my Android phone?
On Pixel and stock Android 12 or newer, it is at Settings > Security & privacy > Privacy > Privacy dashboard, and you may need to tap Privacy twice. On Samsung Galaxy phones it lives at the top of the Settings > Security and privacy screen. If you cannot find it, your phone is likely on Android 11 or older, which does not include the dashboard.
What is the difference between precise and approximate location?
Precise location gives an app your exact GPS coordinates, while approximate location only places you within a general area of about a city block or more. Most apps, including weather, news, and shopping apps, work fine with approximate location. Turn off “Use precise location” in an app’s location permission unless it genuinely needs pinpoint accuracy, like navigation or ride-hailing.
Which app permissions are the most dangerous to grant?
Location (especially “all the time”), Microphone, Camera, Contacts, and Phone/SMS are the highest-risk permissions, because they expose where you are, what you say, who you know, and your communications. Grant these only to apps whose core function requires them, and if an unexpected app holds one, revoke it during your audit and see if the app still works.
Will revoking a permission break my apps?
No, revoking a permission does not damage an app. If the app later needs that access, it will simply prompt you to allow it again at that moment. That makes auditing low-risk: safely deny anything unnecessary and re-grant it only if something you use actually stops working.
How often should I audit my Android app permissions?
A full ten-minute audit every three to six months is enough for most people, plus a quick check whenever you install a batch of new apps. Turning on “Pause app activity if unused” reduces how often you need a manual sweep, since Android auto-resets permissions for apps you stop using. If you notice unusual battery drain or data use, audit sooner.
The Bottom Line
Auditing app permissions on Android is fast, free, and one of the most effective privacy habits you can build. Three takeaways:
- Start with evidence. The Privacy dashboard shows what apps actually accessed, so you fix real problems instead of guessing.
- Trim the big three plus location precision. Location, Camera, Microphone, and turning off precise location deliver most of the privacy gain.
- Automate the upkeep. Auto-reset for unused apps keeps your permissions clean without ongoing effort.
Ready to lock things down? Explore more phone-privacy guides on Infurpose, including our deep dive on the signs your Android phone has been hacked. Infurpose exists to make this kind of security simple, one ten-minute habit at a time.