You need to do some housecleaning from time to time. These apps might be siphoning off precious data from your account and selling it to the advertisers for a dime a dozen. Let’s begin.
How Authorization Works
Apps are able to access your Google account using a service called OAuth that is tied in using another piece of technology called API. Once the permission is granted, the third-party app can now access your Google account and associated data in the background whenever need be. The problem begins when we give Google account access to apps that are nefarious and use it as an excuse to collect and then sell our data to bad actors. The problem persists because we tend to forget which apps have access to our Google account and don’t know how to revoke the same. That ends today. Note that you may have authorized access to your Google account when you clicked on a malicious link.
What Google Says
Buried deep into the Google help pages is information available on everything you need to know about the app authorized to access Google account. Here is a short summary.
When you sign in using Google, you give access to your email ID, profile pic, and name among other basic info. They may ask permission to copy this info to make a fresh account for you. Apps can edit, create or upload new content to your Google account. Apps with full account access can change pretty much anything on your Google account including password. Some apps ask for access to sensitive information like emails, files saved in Drive, contact details, photos, calendar entries, and even more.
Types of Account Access
Basic Information: This information is used by the developer of the app to create a new sign-in account for you using your name, email ID, and profile photo. It may also contain your age and gender in some cases. Read & Write Acces: An app like Microsoft Outlook will need read and write access to read your emails and then write to them when you compose a new email. Read and Write access means the authorized app can read all the information available in your account and write new data where and when required. Another example would be a calendar app. Full Access means the app developer can do everything that you can do. That includes the ability to change your Google account password as well. Yes, he/she can lock you out so don’t give it to anyone just like that. Rule of thumb is that no app needs that level of access and you should never give it to any app either way.
What to Consider Before Authorizing Access
Some important questions you need answers to before you allow the app access to your Google account and its data.
Security of the site or app in question Can you delete collected data from the app later when wanted How will they use the collected data Will they notify you if something changes or goes wrong Who else will have access to this data
How to Remove Authorized Apps From Google Account
Here is your Google account, where you can manage everything like security, permissions, and data easily. Google has been busy building and developing it for quite some time now, but not many people know about it. Maybe, they should advertise it more. Sign in using your primary Google email ID, the one you use to sign in to all the apps. Click on Security in the left sidebar and scroll a little to find Third-party apps with account access heading. That’s where you will see a small list of apps that you have authorized access to your Google account. Click on Manage third-party access.
The Google My Account permissions page will open where you will see a detailed list of all apps authorized access to your Google account. It could be by you or someone who has access to your account (your SO). You will view exactly what the app can access on the right. That will include contacts, emails, account read access, YouTube, Calendar, and so on.
It can be an eye-opener on how deep Google has permeated into our lives, and just how much we use and depend on it on a daily basis. Google literally knows everything about us, maybe even more than we know about ourselves. To think that someone has access to all or part of this information can be unsettling, to say the least. But, today is the day that you get to be in control. Click on each app to reveal further options.
You can see what Google services the app has access to, a link to the Play Store, the date on which the app was authorized to access, and a blue button to Remove Access. Now, you know what to do if you deem fit to revoke access.
You will be asked to reconsider your decision and confirm what you want to do. Click on OK to continue. Repeat the same process for all the apps that you see on the list. Remove authorization for all apps that you either don’t need, use or remember giving access to your Google account.
What Happens After You Revoke Access
Most likely, you will be signed out of the app in question and won’t be able to use it again, until necessary permissions and access have been restored. That is not hard to do. Apps with read and write access will no longer be able to access your Google data or change it in any way. And as we discussed, you should never give full access to any app anyway.
Δ