If you’re someone who has been on the internet for a while, chances are that you’ve used your Google account in order to sign in to an app or service. As the years go by, there are newer apps that replace the old ones but the permissions you shared with them stay the way they used to be when you first set them up.
If you want to stay protected from the next biggest data breach, it’s important that you revisit your Google account permissions and clean it up every once in a while. Fortunately for you, Google offers an easy way to manage your third-party app permissions.
What kind of permissions can be given
Apps and services you signed in to over the years can each have different access to your Google account data. This can include access to any of the services offered by Google like Google Drive, Gmail, Calendar, Contacts, Hangouts, and Photos. You can view the apps and services that are accessing your Google account by heading over to the Google Account Permissions page.
Third-party apps with account access
If your account mentions that an app or a service is using sensitive information from one of the services listed below, you must reconsider managing this access for your own security.
- Google Drive: Access to documents you shared with other people, their contact information
- Calendar: Access to your daily routine and appointments.
- Gmail: Access to your emails, private correspondence, names of contacts and attachment.
- Contacts: Access to names, phone numbers, addresses and other contact information of people you know.
- Photos: Access to your photos uploaded on Google Photos that contain pictures of your family, and geotags of pictures.
Sites that you signed in using your Google Account
Some services, sites, or apps can only access your basic profile information. If you’ve signed into an app or site using your Google account, the service can only have access to basic info, including your name, email address, and profile picture. This information helps the site register you to sign in to their app/site instead of creating a new account with a password.
These are Google’s own suite of apps that you use on one or more devices. On most occasions, these apps have full access to your Google account and since they are made by Google, the data can be trustfully allowed access to. As explained by Google, if you’re using Google Chrome on macOS, chances are that Chrome has been given full access to your Google account which is fine. The Mountain View company, however, suggests that you revoke access to Google apps that you no longer use.
Is it okay to give permissions
Some information in your Google account might be a little too sensitive to be shared with anyone. So when allowing an app or service access to your account, you should be sure of what you’re willing to share. Google lets you give third-party sites and apps (that are not developed by Google) access to different parts of your account. It is thus important to know which sets of information are being accessed by your apps. While there is no perfect rule for this, it comes down to you if you wish to modify the way you share data.
Services that can view your basic profile information
In most cases, the sites and apps that you log in to using your Google account only have access to your basic profile information. This information includes your name, email address, and profile picture, all of which are key to register and create a new account for a service to make you identifiable among other users.
More often than not, you can trust the apps listed to use Google sign-in as they do not exploit your data nor have access to sensitive ones. Your Google account, in this scenario, is just a key to opening the site’s account which lets you bypass the site’s registration process.
Apps that can see ‘some’ of your data from your Google account
Besides viewing your basic info, some sites and apps can ask for access to other information that’s available in your account. This can be anything ranging from your contacts and YouTube playlists to Photos, Calendar, and more. It is thus, very important to reconsider what information you want to share with these apps. If you deem that an app shouldn’t be accessing your Calendar and Photos, then you must revoke access to the app through your Google account settings.
Apps that can edit, upload, and create data in your Google Account
In addition to having access to your basic and the ability to view some of your data, some apps ask for permission to both read and write data onto your account. These apps will be able to create, edit and upload content to your account. Google says that if given the right permissions, a film editing app may be able to edit your video and post it on YouTube while a travel app may be able to create an event in your Google calendar.
How can your data be misused
- Data used by a service may be used in ways that are not obvious and can be shared with others you might not have wanted to.
- Your data can be accessed by unauthorized people if the service you shared your data to has been hacked. Since the data is being accessed by servers not that of Google’s, your data might not be as secure as it might be with Google.
- Your data is never really deleted even after revoking access: Third-party apps that have access to your Google Account can copy and save your data on their own servers. It’s thus not easy to delete the account you created on the app even if you revoke access to the app.
- You’ll never know if an app or service changes its policies: Once you’ve allowed an app to access parts of your account information, you will not hear from them even if they’ve changed their policies and practices unless they want access to more information.
- Your data can also be access by other humans: When you decide to share your account info to a service, it’s not just the servers that will view and analyze your information but also individuals working for the organization. These can be real humans who will be able to access your account information, including your emails and contacts.
Should you revoke them or leave it be
Since your account may contain sensitive information and it’s thus important to analyze if you really need an app to have access to a given set of data. If you think you gave account access to a site that you no longer trust, your next best move is to remove its access to your Google Account.
While revoking access doesn’t necessarily mean that your data will be deleted, it will make sure that the app or service won’t have permission to read or edit your account information in the future. You can choose to revoke permissions if you think an app/service is requesting more information than it should be.
For example, if you’ve signed into a travel app using your Google account, it makes sense for the app to ask for access to your Google Calendar since it will be making appointments and reservations and then add it to your calendar. If the same app asks for access to your photos, that’s when you remove access to the app.
How to remove permissions from your Google account
If you’ve finally decided to revoke permissions to the apps that you think you don’t need to share data with, you can remove its access to your Google Account.
Step 1: Open the Google app on your Android phone.
Step 2: Tap on the More button (3-dot button) at the bottom right.
Step 3: Hit the down arrow next to your account name.
Step 4: Tap on Manage your Google Account.
You will be taken to a new page.
Step 5: Tap on Get Started.
Step 6: Slide through the tabs at the top and select the Security tab.
Step 7: Under the ‘Third-party apps with account access‘, tap on Manage third-party access.
Step 8: Review your permissions and analyze whether a service needs access to particular info. When you arrive on the third-party permissions page, you’ll notice three lists with different levels of access including ‘Third-party apps with account access’, ‘Signing in with Google’, and ‘Google apps’. Use your logic to decrypt whether an app would need permission or two.
Step 9: If you want to revoke permissions, tap on a service listed on the page.
Step 10: Tap on Remove Access.
Step 11: When prompted for confirmation, tap OK.
The app or website will no longer be able to access your account information in the future. This means the service will not be able to read, edit, write, create, or delete content on your account.