Question
What permissions does the xMatters mobile app require when installed on my smartphone?
Environment
- All versions of xMatters
- xMatters iOS mobile app
- xMatters Android mobile app
Answer
xMatters develops mobile apps for emergency communications to complement and enhance the xMatters service reliability platform. You can download them securely from the Google Play store or the App Store — do not download them from any other source.
The mobile apps only request the minimum access permissions required to function properly. The following sections provide details on which permissions are required for each version of the app, and what they are used for.
iOS Permissions
Camera access (optional)
- Allows the app to access the camera for QR code scanning at device login.
- Allows users to take photos related to ongoing incidents; this feature can expedite a diagnosis and resolution.
Microphone (optional)
- Allows the user to dictate a message without typing, as an alternative means to create a message.
Siri (optional)
- For suggestions from the iOS.
Notifications (recommended)
- Allows users to receive notifications.
Mobile Data (recommended)
- Allows the app to stay connected when away from a wireless internet access point. This helps to ensure the user can continue to receive critical notifications.
Passcode (recommended)
- Allows users to authenticate.
Android Permissions
Storage (application installation)
- Read, modify or delete the contents of your USB storage. The xMatters Android app can read from an external SD Card, but this is strictly for the purpose of uploading graphic files as attachments. For custom sounds, the app requests write access for .MP3 files.
Identity (authentication)
- Allows the mobile app to request authentication tokens so users can securely connect to xMatters.
- Allows the mobile app to securely store and retrieve the account information of an xMatters user.
Camera access (optional)
- Allows the app to access the camera for QR code scanning at device login.
- Allow users to take photos related to ongoing incidents; this feature can expedite a diagnosis and resolution.
Phone (contact users)
- Allows users to initiate a phone call from the app.
Contacts (authentication)
- Allows the app to read the user's contacts data so users can auto-populate their own contact information.
Note:- The app's ability to read the device's local contact list (personal phone’s contact list) is for convenience when the user is working to “Add” their own devices to xMatters services.
- If the user does not want to allow the app to read the device’s local contact list, they should select “Deny”. This choice will not affect the performance of the app.
Permissions common to iOS and Android
Receive data from internet
- Allows the app to remain connected so users can continue to receive notifications.
Control vibration
- Allows users to receive notifications via vibrations.
Full network access
- Allows the app to remain connected so users can continue to receive notifications.
Use accounts on the device
- Allows the app to request authentication tokens so users can securely connect to xMatters.
View network connections
- Allows the app to be online so the users can stay connected to receive notifications.
Create accounts and set passwords
- A new account is created whenever a user logs into xMatters and their OAuth token is securely stored under their account.
Prevent device from sleeping
- Allows the app to remain online so the users can stay connected to receive notifications.
Run at startup
- Allows the app to be online so the users can stay connected to receive notifications.
Conclusion
The mobile apps are foremost for emergency communications. The xMatters development teams actively work to ensure our mobile apps integrate effectively and securely with our SaaS services, They also work with the Security and Risk Management team to continuously assess the apps for vulnerabilities and promptly remediate any findings that could impact the integrity of the product or security of customer data.
For more information on app development and vulnerability management at xMatters, please contact security@xmatters.com.
Comments
0 commentsArticle is closed for comments.