Smartphone App Permissions: Ever Cared to Find out which ones to give or deny?

So I am one of those paranoid types, when I learnt that some apps can request for strange permissions when installed, I go through permissions to check which to allow and which to deny. And if I don’t use an app regularly, I deny it permissions entirely till when it will need.

Well, it’s not all smooth, I paid for my behaviour yesterday.

I had denied Mula app permissions to access the telephone, and it didn’t work. It kept telling me that the app couldn’t find some parameters, so this means that it couldn’t connect the phone number with Mpesa account number when doing API calling, and that’s how I slept without electricity. My tokens had ended, and the alternative was buying via the KPLC paybill that can send the tokens anywere from 30 minutes to the next day, or probably never.

The tokens SMS came in at 2am.

Today I remember that I had disabled permissions for Mula, turned telephone back on and it works. To think I set phone on airplane mode, restarted, tried 1999 times. SMH!

This and T&Cs are the same

I only make a point to check permissions of less trusted apps. Basically anything coming out of China and most Asian countries. Those people have no perception of the word ethics. On most other apps I let them have whichever permissions they request during installation.

You clearly haven’t met WhatsApp among other Facebook apps.


I gave up on the FB app ages ago because it was garbage. WhatsApp is good and hard to fault. Even it’s permissions make total sense. Anything it doesn’t use from the get go is disabled by default. Seriously, have you ever used any app by Cheetah Mobile? I’m talking of apps like CM browser, CM security (Security Master Anti Virus) - - they keep renaming apps for some unknown reason. They spam every area of your phone. I’m talking about nonsense ads on the status bar, lock screen, unwanted shortcuts on the home screen, useless floating widgets, full screen ads even when you are using another app, and the list goes on. All this because of being too liberal with permissions during installation. I just dislike Chinese apps for this reason. I actually rolled my Opera Mini back to pre-buyout times because these days it’s ads galore on Opera Mini no thanks to the Chinese.

Away from permissions, I switched from the paybill to the @tspacebot that you covered here a few months back. No mpesa charges and it has consistently given me my tokens in <5 seconds several times a month at all hours for 4 months now. Good bot.


Wow! Why haven’t I been using this all along? I have always bought 100 bob tokens because I don’t like the cost of transactions it attracts on Mpesa via Paybill. Now I’m a convert.

Sorry Mula.


Such apps are shown the bin 60 seconds after installing. Unaeka app inakuspam na ads kama kumi hata before ikuoneshe what it’s capable of doing.

So true. I figured out it’s mostly Chinese apps that do this so I check the developer’s address to know if it’s made by them. Indian apps are also bad in terms of spam but not China bad. The safest regions to download apps for me in order of decreasing importance are: European countries, North America, South Asian countries (Philippines, Thailand, Malaysia, etc.), South America, and lastly China.

Apps from the Scandinavian countries (Sweden, Norway, Denmark, etc.) are the best behaved.

I think a fluent app should bring a toast notification to call a given permission as per the actions initiated by a user at that instance.

Anyway, I get my tokens from my good guys at Equitel with no extra charges. Top guys, those.

1 Like

How such things get forgotten.

Economist mwenyewe :joy::joy::joy::joy::joy:


Actually i have been using this bot to pay and know my postpaid kplc bills it is a top notch bot with no costs attached

I’ve been afraid of trying buying my tokens via Telegram but since you’re a witness… I’m moved by how quick you can get your tokens!

just be clear about permissions, when an app asks for permission to read my messages does that mean they actually see the contents of all my messages even from banks, mpesa, lovers etc?

Definitely yes. Some permissions are easy to abuse especially when it comes to accessing contacts, call logs, camera and microphone recording.

This is not good for security, especially when banks send pins via sms , bank balances etc, is installing a pin protection app enough to block the access, I’ve noticed some apps can’t read sms when it’s pin protected eg equity app

Do you mean 2FA and/or verification codes? I do not think any bank is using SMS to send pins.

is installing a pin protection app enough to block the access

Which apps have you tried? I’d like to try them out.

Using sms for 2FA has been deprecated for a while now. It’s trivially easy to steal the authentication codes.

Pin protection apps implicitly implies that you are trusting a third party. I personally wouldn’t recommend them

Doesn’t Equity send its Eazzy banking app pin via SMS?