“Can we access your camera?” “Would you like to receive push notifications?” “Where are you located right now?”
Gaining access to your mobile app users' data requires priming them through a delicate balance of timing and education.
Though most mobile app users want to get through the onboarding process quickly (72% want it to take less than 60 seconds, according to a 2017 study by Clutch), they're also increasingly hesitant to grant apps permission to access their personal information.
For mobile developers, that's a catch-22. Users might need to grant access to their data before your app will work fully and correctly, but asking them to grant that permission requires trust. And that trust takes time to build, but users will abandon apps that take too long to set up. Tricky stuff.
Attempting to solve the problem, some apps bombard users with permission requests immediately after opening the app. But these confusing, irrelevant, and poorly timed mobile app permission requests quickly destroy any trust users might have in a new app. It's a big part of why over 20% of users abandon apps after only one session.
Getting users to grant the permissions your mobile app needs isn't easy—but priming users to be more comfortable with granting permissions can help reduce abandonment, build trust, and create a better experience.
Timing and relevance: The foundation of mobile app permissions priming
The success of your permissions request will depend on when you ask and whether the access you need is appropriate, considering the app's purpose.
Generally speaking, you should ask users for permissions only when absolutely necessary and only after ensuring that users understand how granting this access will benefit them.
Google's Material Design guidelines suggest two different strategies for introducing permissions to users:
When the permission is critical to the functionality of the app, request permission early.
When the benefit of granting permission isn't immediately obvious, provide additional education.
While these two strategies assume the user intends to grant each request, the guidelines also suggest a third strategy for handling the case when a user denies a request for permission:
When a user denies the permission request, provide feedback along with a method to quickly allow the permission.
Let's see how a few of the most popular mobile apps put these strategies into action.
1. Request permissions only when needed
Timing is everything when requesting permissions. Just as you wouldn't ask expect a stranger to give you access to their wallet, relying on users to grant permissions before they trust your app is destined to fail. Avoid asking for access until you truly need it.
The one exception is if a permission is critical to the functionality of the app—by all means—make the request up front. Navigation app Waze, for example, asks the user for location access immediately after the app is opened for the first time.
Since this ask is critical (it's impossible to offer directions if you don't know where the user is) and contextual (the user knows Waze is a navigation app before installation), users are likely to grant the request for location access.
Secondary permissions are those that aren't critical to the app's functionality. It's best to chain those permission requests to a particular task or feature, only asking for access once the feature is used for the first time. Users are much more likely to grant the request when they're actively trying to use a particular feature that requires that permission.
For users who just want to watch videos, the YouTube app on Android doesn't request any permissions. But the moment users press the camera icon to upload or record a video from the app, YouTube prompts them to allow access to their photos, cameras, and microphones.
This approach has two benefits:
It increases the likelihood that users seeking to upload videos will grant the request, and
It avoids asking users uninterested in uploading videos to grant irrelevant permissions.
Now that you understand when it's best to ask for access, let's look at how you should implement permission requests in your app.
2. Educate users and explain the benefits of granting permissions
Your onboarding sequence is a great opportunity to educate users and demonstrate the benefits of your app. You can think about permission priming in the same way—a miniature onboarding sequence for permission requests.
Each time your app requests a new permission, it's important to make clear to the user why the request is being made and what benefits the user will get in return.
While some apps might get away with requesting permissions immediately—WhatsApp asking for messaging access, for example, or Waze requesting location access—it's important for most apps to provide a little context and education to prime users before requesting permissions. That way, when you do make the request, users are more likely to accept.
Your onboarding sequence is a great opportunity to show users how you're planning to use the functionality of their device in beneficial ways, before asking them for access. Personal-training app Zova explains in their onboarding videos how push notifications will unlock daily health and fitness videos and nutrition tips, helping users get more value from the app.
For secondary permissions, it's best to give users information in context using educational microcopy and pre-permission overlays. Brenden Mulligan found that using pre-permission overlays in his mobile app Cluster led to nearly every user granting access to their contact list:
"We first showed them a dialog about why we needed the access and gave them the choice to use the address book, or enter contact info manually themselves. . . . It was a bit of a pain to ask them twice, but when presented with the iOS dialog, no one ever hit “Don’t Allow.” Plus, when the people who tapped “I’ll Enter Contact Info” realized what a pain it was, we had another prompt that let them connect their address book at that point."
Be specific about why you're asking—make sure users know how granting permissions will benefit them. For example, while some users might question why Starbucks needs to access location, an overlay explains how turning on location services allows users to quickly find nearby stores and access regional menus.
By providing context and education to prime users before requesting access, both Zova and Starbucks are able to turn big asks into thoughtful requests.
Now, even though you're asking at the right time and in the right way, there's always a chance the user will still say no. Let's look at what to do when a user denies your permission request.
3. Make it easy to return after denying a permission request
Making permissions optional goes a long way toward building trust and putting users at ease. Some users will inevitably deny a permission request, and it's essential you handle those denials effectively.
Whenever a user denies a permission request, describe the effect their refusal will have and the benefits they'll forgo by denying permission. If the app can't run because the user has denied a critical permission, explain this and prompt users to re-enable the permission.
Scooter rental app Bird, for example, cannot run without access to the users' location—if a user denies location access, the app displays a warning explaining the problem, and prompts users to allow location access before letting them continue.
Sometimes, denying even secondary permissions can change the entire user experience. While notification access might not keep your app from running, a lack of notifications can cause users to abandon the app.
Research firm Localytics found that users who opted into push notifications were nearly twice as likely to use an app 11 or more times than users who disabled push notifications.
It's easy to see the impact of push notifications in the chart below—as the number of sessions (shown along the X-axis) grows, the percentage of users with push notifications enabled (shown on the Y-axis) is consistently higher than those with push disabled, particularly after eleven or more sessions.
Meditation app Headspace relies on push notifications to help users form beneficial meditation habits. But instead of forcing users to enable receiving the notifications, at the end of each meditation session, Headspace reminds users of the benefits they're missing out on and allows them to opt into notifications and reminders.
Be sure to provide feedback whenever a user denies a permission request, and make it as easy as possible to get back on track.
Reduce mobile app abandonment with permission priming
As mobile app developers continue finding ways to build trust, app abandonment continues to drop. A study by Localytics found that 38 percent of users who downloaded an app used it 11 or more times, compared to only 31 percent in 2012.
This industry-wide improvement is largely due to improved permission priming. There's no doubt that priming users to be more comfortable granting permissions can help reduce abandonment, build trust, and create a better experience for your users.
As you build out your onboarding process, think about how you can work permission priming into your mobile app. Make sure you're never surprising users with unexpected requests, educate them on the benefits those permissions will unlock, and make it easy to return after denying a permission request.