Why does Secure Call require minimal app permissions?

Why does Secure Call require minimal app permissions?
11/04/2016

Sometimes people ask us "Why I cannot reuse my phone's contacts in Secure Call like any other apps?" or "Why does my Secure Call number changes after reinstall?". All of these questions actually related to app permissions. We always wanted full anonymity for Secure Call from the beginning. So, we had to sacrifice, some easy-routes for our developers. For example, if we would choose synchronizing phone contacts instead of implementing our own contacts, the life could be easier for our developers. Or our developer could easily manage accounts on server-side by using real phone numbers as account unique identifiers.

We could also make our life easier by just adding an optional anonymous switch like some apps did. Also, we could simply complain like "You cannot do this action while anonymity turned on." if you would try to access some information which we didn't implemented separately for anonymous turned-on state. Also, if we had require some extra permissions, we could never prove that we don't use them other than explicitly stated purposes. For example, if we had access your phone state, we could never prove that we don't use your IMEI number other than device identifier purpose. At the end of day, our app is not an open source software, so there would be no way to prove what we're doing.

As a result, we've decided completely dropping "unnecessary" permissions for a voice calling app all together. For example, do we really need "reading/sending SMS" permission for a voice calling app? Absolutely no!