What Are Permission Requests and Why Have Them?
An app must request permission before accessing resources such as the camera, current location, or microphone, on the user’s mobile device. The app sends (via the operating system) a request in the form of a modal dialog, asking the user to grant or decline access.
There are slight differences in how these requests are presented across mobile operating systems. As you can see from the example above, in iOS the user is asked for access to the microphone, whereas in Android the user is asked for permission to record audio. Moreover, in iOS, the modal dialog contains what’s called a purpose string, which describes why the app is requesting access. This type of information is not present in Android. It’s up to Android designers to ensure that the rationale behind the request is introduced before the modal dialog appears.
Permission requests give users perceived and actual control over their personal (and potentially sensitive) data. The decision to allow access can be a significant one, as the app often retains access to the resource until users uninstall the app or deliberately revoke the permission in their device’s permission settings. As a result, users need to trust that the app won’t ever maliciously access resources.
App permission requests are still often poorly designed, despite fairly extensive guidance from the iOS and Android development community. One reason could be that permission requests are often not considered to be part of UX design, because the UI component for the permission itself is dictated by the operating system. It may also be hard for UX designers and app developers to understand why permission requests are so important. After all, who wouldn’t want to give access to every resource so they may use all the excellent functionality?
However, app permission requests contribute to the overall user experience and should follow the same usability principles as other features. They should:
- be easy to use and understand
- fit the user’s mental model
- promote genuine, informed choice
- stand up to scrutiny from regulators
When permission requests are designed well, they seem reasonable and nonintrusive; users barely think twice when dealing with them. On the other hand, when permission requests are designed poorly, users often feel uncomfortable, confused, and irritated. They may even consider uninstalling the app and looking to competitors, especially if the app’s brand isn’t strong and the functionality doesn’t provide great utility.
3 Design Considerations
3 design considerations greatly affect the quality of a permission request. These are:
1. Permission-request copy
2. Timing
3. Decision reversal
1. Permission-Request Copy
The best permission requests communicate the rationale behind the request. In one study of 15 mobile apps, Tan and his colleagues found that users were 12% more likely to grant a permission request when they were given a reason for the request. This estimate came from randomly showing or removing the purpose string included with each request, as designed by its vendor, even when the explanation was fairly poor.
Of more interest, the researchers also tested a series of different reasons for requesting access to contacts in a party-planning app they had created. Here, the most compelling reason (Let Party Planner use your contacts to autocomplete email addresses) resulted in a whopping 81% lift in granted requests compared to the least compelling reason (Party Planner would like to access your address book to show you the cheapest attractions by your contacts’ location and other purposes.). As we’ve said many times before, UX copy drives decision making. It’s not at all surprising that the wording of a request came close to doubling the acceptance rate, because words are one of the most important elements of the user experience.
When users read a permission request, they perform an implicit cost–benefit analysis. They ask themselves how much benefit they will receive from granting this permission and how much they trust the app to allow it access. Designers must write understandable copy, especially when communicating the rationale for unexpected permission requests, so as not to alarm users and to help them understand why the app requires access to a resource on their device.
In order to assist users in making an informed choice:
- write content that is free from technical jargon and focus on user-oriented benefits, rather than system-oriented features
- clearly communicate to users what they’ll get in return
- don't request access to resources without providing any value to users, as they may become suspicious of your app and brand, and such data collection can be deemed excessive by regulators
Write requests that focus on user benefits. Don’t just mention the features that depend on the permission; frame your requests in terms of what those features will do for your users. This information makes it easy for users to understand the request and to accept it.
Example:
OK: Skyscanner would like to access your location for flight-search personalization.
Better: Skyscanner would like to access your location, so that you can quickly select departure airports near you.
Example:
OK: Allow Snapchat access to your camera for taking photos.
Better: Allow Snapchat access to your camera, so you can take snaps in the app to share with friends.
Far too many Android apps neglect to provide explanations for the permission request and user benefits (while their iOS versions provide perfectly good explanations). UX teams designing for Android should consider providing additional screens to communicate the purpose before the permission request appears; otherwise, consent cannot be seen to be properly informed.
Writing Suggestions:
- Write in the active voice.
- Use plain language that your users understand.
- Explain why the app requires access and convey the user benefits. Generally, a good content formula for permission requests goes like this: [app] would like to access your [resource] so that you can [benefit/task].
- Avoid vague phrases such as to offer a better user experience when explaining why the app requires access. (Users are highly skeptical of vague promises and often suspect that they cover nefarious schemes.)
- For Android, design additional screens for unexpected requests, so that the rationale and benefits can be communicated to users before the permission-request dialog appears. (And if you’re Google, redesign the permission API, to make it easy to include an explanation right when the request is made.)
- Test your permission requests with users to find out whether they understand the text.
2. The Timing of the Permission Request
The timing of permission requests is important, as it can result in users finding the request either normal or alarming.
There are two types of permission request: context-related and system-initiated. Context-related permission requests are less likely to cause surprise: users select an icon in the app (such as a camera or microphone symbol) or tap inside an address field (for location), and the system reacts with a permission request. The context of the users’ action and timeliness of the modal dialog help them to reason about the meaning of the request.
Conversely, system-initiated requests, which are programmed to request a permission at a specific time, often require additional context. An example of a system-initiated request is when the user opens an app for the first time and is greeted with a dialog asking for access to the current location. Because system-initiated requests can be programed to appear at any time, there’s more potential for them to occur at moments that are inopportune for the user.
Interruptions at the start can be overwhelming and confusing. First impressions are formed when users install an app. Asking for all permissions (like Viber does on Android) is like asking for a donation without telling people anything about the charity. A better modus operandi is to ask only for core permissions (essential for the core functionality of the app) upon the first launch and ask for further permissions only when they are needed to offer the user additional functionality.
Suggestions for timing permission requests:
- Don’t show all permission requests at once. Avoid asking for all permissions upfront, when the app is first installed.
- Whenever possible, initiate a permission request when the user selects a feature that requires that permission. This approach gives the request important context and the user a feeling of control, plus it’s more likely for users to understand why the app needs it and agree to it.
- When users are completing a task in your app, don’t interrupt them with an unrelated system-initiated permission request, because unsolicited modal dialogs irritate users and are quickly dismissed.
- Provide value to the user before asking for noncritical permissions.
3. Decision Reversal for Permissions
Sometimes users initially deny access to a resource and later want to reverse their decision. For example, they may deny access to the phone contacts for a messaging app, but later realize that adding contacts manually is too arduous and may wish to reverse their initial decision.
Rather than reporting an error when users try to access a feature that relies on a denied permission, clearly explain why that functionality can’t be used, and make it easy for them to grant access. Sometimes users don’t make the mental connection between a permission and a functionality, so providing this messaging helps users to form the right mental model of the app’s workings.
Secondly, provide a link to where they can toggle the permission on, in order to make sure that users will not get lost in their permission settings.
Tips for designing for decision reversal:
- When users try to access functionality in the app that requires a permission they initially declined, clearly describe the reason the functionality is not available.
- Provide a link to the exact place in the device’s settings where they can reverse their decision.
Avoid Dark Patterns
Since the implementation of the GDPR requiring unambiguous consent for EU citizens, some app developers have begun implementing dark patterns to nudge users to agree to their permission requests. In some cases, app developers try to couch a permission request as an informational dialogue (like in the WeChat example below). These requests can often pop up at times when the user is in the flow of a task. Sometimes designers make it deliberately difficult for users to deny the request. While these unscrupulous tactics may be successful in getting more users to accept permission requests, they are ethically and legally dubious. Moreover, they erode trust and may impact user loyalty over time.
Avoid using dark patterns. Give your users enough information to make their own choice. Respect their decision. Remember, you can always support users to reverse their decision later.
Summary
App permission requests allow users to remain in control of their data. Users perform a cost–benefit analysis when deciding whether to accept a permission request. It’s important that designers think about how to communicate the benefits and when to make the request, so that users aren’t irritated or alarmed, and feel in control. Lastly, designers should avoid dark patterns, and instead present users with fair options and the ability to reverse their decision later.
For more on mobile notifications and related topics read our report UX for Mobile Applications and Websites.
References:
Tan, J., Nguyen, K., Theodorides, M., Negrón-Arroyo, H., Thompson, C., Egelman, S. and Wagner, D. (2014). The effect of developer-specified explanations for permission requests on smartphone user behavior. InProceedings of the 32nd annual ACM conference on Human factors in computing systems - CHI ’14 (Toronto, Ontario, Canada, 2014), 91–100.
Android developer guidance: https://material.io/design/platform-guidance/android-permissions.html
iOS developer guidance: https://developer.apple.com/design/human-interface-guidelines/ios/app-architecture/requesting-permission/
Share this article: