Much of what happens during the installation of an Android app happens in the background. While Android may highlight permissions that an app requires, it stays silent when it comes to privacy.
Many apps include trackers and may also contain ads, but ad-free apps may still have trackers.
If you are particularly worried about tracking, you may find the free service Exodus useful. It is available as a web-based version that you can launch from any modern web browser.
To get started, type the name of an Android app in the search field at the top. You can type partial names and pick the app from the list of results. Other options are to type the apps’ unique handle or full Google Play URL.
The number of trackers and permissions is returned then. Select trackers to look through the list of trackers that the application references. Trackers are classified based on their purposes, e.g., advertisement, identification, or analytics.
Exodus uses colors to highlight the number of trackers and permissions. Green apps use 0 trackers and permissions. Yellow apps less than 5, and red apps more than 5.
A click reveals the total number of analyzed apps that use the particular tracker.
Note that Exodus does not decompile applications. It performs a “static analysis of APKs and compares Java class names with a list of trackers”.
In other words, there is a chance that trackers do get overlooked.
As far as permission go, these are also shown on the profile page of the app on the Exodus website.
Another useful feature is the ability to have new apps scanned. You need to supply the full Google Play Store or F-Droid URL for that.
The application will be analyzed, if it is unknown to Exodus. The makers note that apps with geographic restrictions cannot be scanned.
Verdict
Exodus, all in all, is a useful service. It highlights if an application uses trackers. If you do not want to be tracked, you may want to give it a try. Most Android apps use tracking in one form or another though.
Do you use services like Exodus to analyze apps before you install them? Or do you use something else to block trackers? Let us know in the comments.
If only Exodus was packaged with some app that had a 3-way switch for each potential liability it found per app; always off, always on and only on during actual usage of said app.
I use common sense. It’s a phone, it does a (modern) phones job for me, nothing more.
I think it rather depends on which phone manufacturer you choose these days since some of them like Samsung are riddled with bloatware which tracks your every move.
Once upon a time Motorola phones came with just stock Android, but since Lenovo acquired the company some models like the Moto G Power are little more than an adserver incarnate: https://www.theverge.com/24105894/motorola-moto-g-power-2024-review-specs-features-apps-bloatware