This document discusses the new runtime permissions model in Android Marshmallow. Key points include: - Apps now request permissions at runtime when the associated feature is needed rather than during install. This improves privacy and reduces permission friction. - Legacy apps still request permissions at install but users can revoke permissions. Apps won't crash without permissions but may return no data. - Best practices include only requesting minimal permissions upfront and checking permissions before each use rather than caching results.

1. Android Marshmallow
Runtime Permissions

2. What is the difference
● Ask for permissions when
application need it.
● Less install resistance.
● Better privacy control.

3. What is the difference
● How many times you have
decided to not to install an
app?

4. What is the difference
● How many time you thought
you were forced to grant
permissions to install an app?

5. Difference - New install process

6. What is the difference
● Asking permission when
accessing certain feature.

7. Difference - Privacy Control

8. Difference - Privacy Control

9. Backward Compatibility
● Legacy apps work as usual on Android M.
● Ask for permissions at install time.
● Users can still revoke the granted
permissions!
● Application doesn’t get any exception (read
crash) for not having permission.
● Application get null or zero records!

10. Forward Compatibility
● Installing an application on older Android
versions….
● Your application ask for permissions at
install time.
● Support library takes care of API calls.
● Separate xml identifier for newer permission
only available at Android M.

11. Best Practices
● UX Best Practices.
● Development Best Practices.

12. UX Best Practices
● Don’t ask for a lot of permissions at once.

13. UX Best Practices
● Checkbox of Death!
● Ask - Explain - Ask
● Inform user that app
can’t work!

14. Best Practices
● UX Best Practices.
● Development Best Practices.

15. Development Best Practices
● UX best practices applies.
● Ask for permission when you are really using that
feature
● Always check for permissions. Don’t assume or cache
results.
● Permissions can be revoked while your background
service is running.

16. Code Samples
● https://github.com/googlesamples/android-
RuntimePermissions

17. Code Samples

18. Code Samples

19. References
● https://medium.com/ribot-labs/exploring-the-new-
android-permissions-model-ba1d5d6c0610
● http://developer.android.com/preview/features/runtime-
permissions.html
● https://www.youtube.com/watch?v=f17qe9vZ8RM