KaiOS Permissions Apps Security

Complete KaiOS Permission Guide

Posted by Tom Barrasso on (updated on )

Complete Guide to App Permissions on KaiOS

There are more than 100 permissions available on KaiOS! Below is the complete list of permissions on KaiOS 2.5 and KaiOS 3.0 defined in PermissionsTable.jsm to help with developing your next application.

Hosted & Privileged Apps

Geolocation

 1geolocation: {
 2    app: PROMPT_ACTION,
 3    privileged: PROMPT_ACTION,
 4    certified: PROMPT_ACTION
 5},
 6"geolocation-noprompt": {
 7    app: DENY_ACTION,
 8    privileged: DENY_ACTION,
 9    certified: ALLOW_ACTION,
10    substitute: ["geolocation"]
11}

Similar to web apps, KaiOS apps can request access to the user’s Global Positioning System (GPS) coordinates using the Geolocation API. However, this API is not available unless your app requests the geolocation permission. Calling navigator.geolocation.getCurrentPosition at runtime will trigger a permission request dialog that the user can then accept or reject. For Certified apps there is also a substitute permission, geolocation-noprompt, which as the name implies does not trigger a permission request dialog.

Camera & Video

 1camera: {
 2    app: DENY_ACTION,
 3    privileged: PROMPT_ACTION,
 4    certified: ALLOW_ACTION
 5},
 6"video-capture": {
 7    app: PROMPT_ACTION,
 8    privileged: PROMPT_ACTION,
 9    certified: ALLOW_ACTION
10},

Access to the device’s cameras requires the camera permission, which will prompt the user except in Certified apps. Similarly for video recording, the video-capture is required.

Alarms

1alarms: {
2    app: ALLOW_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

Access to the Alarms API requires the alarms permission.

Sockets

 1"tcp-socket": {
 2    app: DENY_ACTION,
 3    privileged: ALLOW_ACTION,
 4    certified: ALLOW_ACTION
 5},
 6"udp-socket": {
 7    app: DENY_ACTION,
 8    privileged: ALLOW_ACTION,
 9    certified: ALLOW_ACTION
10}

Access to the TCP or UDP Socket API requires the tcp-socket or udp-socket permission, respectively. For more on the Socket API, see the blog post.

Contacts

1contacts: {
2    app: DENY_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION,
5    access: ["read", "write", "create"]
6}

Access to the contact’s list requires the contacts permission.

DeviceStorage

 1"device-storage:apps": {
 2    app: DENY_ACTION,
 3    privileged: DENY_ACTION,
 4    certified: ALLOW_ACTION,
 5    access: ["read"]
 6},
 7"device-storage:apps-storage": {
 8    app: DENY_ACTION,
 9    privileged: DENY_ACTION,
10    certified: ALLOW_ACTION,
11    access: ["read"]
12},
13"device-storage:crashes": {
14    app: DENY_ACTION,
15    privileged: DENY_ACTION,
16    certified: ALLOW_ACTION,
17    access: ["read"]
18},
19"device-storage:pictures": {
20    app: DENY_ACTION,
21    privileged: PROMPT_ACTION,
22    certified: ALLOW_ACTION,
23    access: ["read", "write", "create"]
24},
25"device-storage:videos": {
26    app: DENY_ACTION,
27    privileged: PROMPT_ACTION,
28    certified: ALLOW_ACTION,
29    access: ["read", "write", "create"]
30},
31"device-storage:music": {
32    app: DENY_ACTION,
33    privileged: PROMPT_ACTION,
34    certified: ALLOW_ACTION,
35    access: ["read", "write", "create"]
36},
37"device-storage:sdcard": {
38    app: DENY_ACTION,
39    privileged: PROMPT_ACTION,
40    certified: ALLOW_ACTION,
41    access: ["read", "write", "create"]
42}

Access to the DeviceStorage API requires a device-storage:* permission corresponding to the requested storage type like sdcard, music, pictures, and videos. Special storage types including apps, apps-storage, and crashes are limited to Certified apps only.

Speech Recognition

1"speech-recognition": {
2    app: DENY_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

Access to the Web Speech API requires the speech-recognition permission.

Browser

 1browser: {
 2    app: DENY_ACTION,
 3    privileged: ALLOW_ACTION,
 4    certified: ALLOW_ACTION
 5},
 6"browser:universalxss": {
 7    app: DENY_ACTION,
 8    privileged: ALLOW_ACTION,
 9    certified: ALLOW_ACTION
10},
11"browser:embedded-system-app": {
12    app: DENY_ACTION,
13    privileged: DENY_ACTION,
14    certified: ALLOW_ACTION
15}

Using the browser permission, it’s possible to embed an external website within your app.

Bluetooth

1bluetooth: {
2    app: DENY_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

The bluetooth permission provides access to the Bluetooth API, as well as the System Messages below. It’s used to discover and connect to nearby devices over Bluetooth.

  • bluetooth-pbap-request
  • bluetooth-map-request
  • bluetooth-cancel
  • bluetooth-hid-status-changed
  • bluetooth-pairing-request
  • bluetooth-opp-transfer-complete
  • bluetooth-opp-update-progress
  • bluetooth-opp-receiving-file-confirmation
  • bluetooth-opp-transfer-start

Mobile Network

1mobilenetwork: {
2    app: DENY_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

Access to specific properties (lastKnownNetwork and lastKnownHomeNetwork) within the Mobile Network API requires the mobilenetwork permission, accessible via navigator.mozMobileConnections.

Push Notifications & ServiceWorker

 1push: {
 2    app: ALLOW_ACTION,
 3    privileged: ALLOW_ACTION,
 4    certified: ALLOW_ACTION
 5},
 6serviceworker: {
 7    app: ALLOW_ACTION,
 8    privileged: ALLOW_ACTION,
 9    certified: ALLOW_ACTION
10},
11"desktop-notification": {
12    app: PROMPT_ACTION,
13    privileged: PROMPT_ACTION,
14    certified: PROMPT_ACTION,
15    defaultPromptAction: ALLOW_ACTION
16},

Unlike on modern web browsers, on KaiOS the ServiceWorker API isn’t available without requesting the serviceworker permission. Similarly, the Push API isn’t available without the push permission. Finally, actually displaying notifications using the Notification constructor or a ServiceWorker requires the desktop-notification permission.

FM Radio

1fmradio: {
2    app: DENY_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

Access to the FM Radio API using navigator.mozFMRadio (navigator.b2g.fmRadio on KaiOS 3.0) requires the fmradio permission.

Window Types

 1attention: {
 2    app: DENY_ACTION,
 3    privileged: DENY_ACTION,
 4    certified: ALLOW_ACTION
 5},
 6"global-clickthrough-overlay": {
 7    app: DENY_ACTION,
 8    privileged: ALLOW_ACTION,
 9    certified: ALLOW_ACTION
10},
11"moz-attention": {
12    app: DENY_ACTION,
13    privileged: ALLOW_ACTION,
14    certified: ALLOW_ACTION,
15    substitute: ["attention"]
16},

When calling window.open, it’s possible to specify optional features. KaiOS supports a few special features including:

  • dialog creates launches a Web Activity using the view name, or launches a popup window
  • attention creates an attention window
  • global-clickthrough-overlay creates a global clickthrough overlay
  • mozhaidasheet creates an in-app sheet with a special animation

App Management

 1"webapps-manage": {
 2    app: DENY_ACTION,
 3    privileged: DENY_ACTION,
 4    certified: ALLOW_ACTION
 5},
 6"homescreen-webapps-manage": {
 7    app: DENY_ACTION,
 8    privileged: ALLOW_ACTION,
 9    certified: ALLOW_ACTION
10}

In order to get the list of installed apps along with their names & icons, the homescreen-webapps-manage permission is required. This provides limited access to navigator.mozApps.mgmt to retrieve the app list and uninstall apps. For full access, including the ability to install apps, the webapps-manage is needed.

Note: the homescreen-webapps-manage permission is only available to a Privileged application that is set as the current homescreen.

SystemXHR

1"systemXHR": {
2    app: DENY_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

The systemXHR permission allows apps to make cross-origin resource (CORS) requests using the mozSystem flag without the same-origin policy. Check out XMLHttpRequest without CORS for more details and examples.

1let xhr = new XMLHttpRequests({ mozSystem: true });

Embedding

 1"embed-widgets": {
 2    app: DENY_ACTION,
 3    privileged: ALLOW_ACTION,
 4    certified: ALLOW_ACTION
 5},
 6"embed-apps": {
 7    app: DENY_ACTION,
 8    privileged: DENY_ACTION,
 9    certified: ALLOW_ACTION
10}

Note: the following permissions do not work because the Embed API was never finished.

Storage

1"storage": {
2    app: ALLOW_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION,
5    substitute: [
6    "indexedDB-unlimited"
7    ]
8}

Apps can request unlimited IndexedDB storage using the storage permission.

Note: this is dangerous and requires properly managing storage utilization to avoid crashing the device!

Audio Channels

 1"audio-channel-normal": {
 2    app: ALLOW_ACTION,
 3    privileged: ALLOW_ACTION,
 4    certified: ALLOW_ACTION
 5},
 6"audio-channel-content": {
 7    app: ALLOW_ACTION,
 8    privileged: ALLOW_ACTION,
 9    certified: ALLOW_ACTION
10},
11"audio-channel-notification": {
12    app: DENY_ACTION,
13    privileged: ALLOW_ACTION,
14    certified: ALLOW_ACTION
15},
16"audio-channel-alarm": {
17    app: DENY_ACTION,
18    privileged: ALLOW_ACTION,
19    certified: ALLOW_ACTION
20},
21"audio-channel-system": {
22    app: DENY_ACTION,
23    privileged: ALLOW_ACTION,
24    certified: ALLOW_ACTION
25},
26"audio-channel-telephony": {
27    app: DENY_ACTION,
28    privileged: DENY_ACTION,
29    certified: ALLOW_ACTION
30},
31"moz-audio-channel-telephony": {
32    app: DENY_ACTION,
33    privileged: ALLOW_ACTION,
34    certified: ALLOW_ACTION,
35    substitute: ["audio-channel-telephony"]
36},
37"audio-channel-ringer": {
38    app: DENY_ACTION,
39    privileged: DENY_ACTION,
40    certified: ALLOW_ACTION
41},
42"moz-audio-channel-ringer": {
43    app: DENY_ACTION,
44    privileged: ALLOW_ACTION,
45    certified: ALLOW_ACTION,
46    substitute: ["audio-channel-ringer"]
47},
48"audio-channel-publicnotification": {
49    app: DENY_ACTION,
50    privileged: DENY_ACTION,
51    certified: ALLOW_ACTION
52}

KaiOS allows apps to specify what audio channel to play sounds on using the AudioChannels API. Each channel requires a corresponding audio-channel- permission. See the blog post on Audio and Volume Management for more details.

Note: for simplicity and forward compatibility with KaiOS 3.0, it’s best to avoid the moz- prefixed substitute permissions.

VolumeManager

1"volumemanager": {
2    app: DENY_ACTION,
3    trusted: DENY_ACTION,
4    privileged: ALLOW_ACTION,
5    certified: ALLOW_ACTION
6}

Controlling system volume using navigator.volumeManager requires the volumemanager permission.

Input

1"input": {
2    app: DENY_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

The input permission gives access to the InputMethod API via navigator.mozInputMethod. The InputMethod API creates a bridge between the web content hosting an input element and the input content (i.e. input app, virtual keyboard app, or IME).

Microphone

 1"audio-capture": {
 2    app: PROMPT_ACTION,
 3    privileged: PROMPT_ACTION,
 4    certified: ALLOW_ACTION
 5},
 6"audio-capture:3gpp": {
 7    app: DENY_ACTION,
 8    privileged: ALLOW_ACTION,
 9    certified: ALLOW_ACTION
10},
11"audio-capture:3gpp2": {
12    app: DENY_ACTION,
13    privileged: ALLOW_ACTION,
14    certified: ALLOW_ACTION
15}

Access to the microphone for audio recording requires the audio-capture permission.

Near Field Communication (NFC)

 1"nfc": {
 2    app: DENY_ACTION,
 3    privileged: ALLOW_ACTION,
 4    certified: ALLOW_ACTION
 5},
 6"nfc-share": {
 7    app: DENY_ACTION,
 8    privileged: DENY_ACTION,
 9    certified: ALLOW_ACTION
10},
11"nfc-manager": {
12    app: DENY_ACTION,
13    privileged: DENY_ACTION,
14    certified: ALLOW_ACTION
15},
16"nfc-hci-events": {
17    app: DENY_ACTION,
18    privileged: ALLOW_ACTION,
19    certified: ALLOW_ACTION
20}

For devices with supporting hardware, Near Field Communication (NFC) can be accessed using the nfc permission.

Note: as of the time of writing (March 2023), no KaiOS device has included NFC except for certain models of the JioPhone for use with JioPay only.

Speaker Control

1"speaker-control": {
2    app: DENY_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

The Speaker Control API requires the corresponding speaker-control permission to force audio output over the device’s speakers, even while headphones are connected.

Feature Detection

1"feature-detection": {
2    app: DENY_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

To use the Feature Detection API via navigator.getFeature and navigator.hasFeature, the feature-detection is needed. Useful features to detect include:

  • device.qwerty if the device has a QWERTY keyboard like the JioPhone 2
  • hardware.memory to distinguish 256mb and 512mb devices
  • device.storage.size to get the total storage capacity of the device
  • dom.apps.developer_mode to check if the user has enabled Developer Mode
  • device.key.volume, device.key.endcall, and device.key.camera to check if hardware Volume, EndCall, and Camera shutter keys are present, respectively
  • device.parental-control to check if parental controls are enabled
  • device.flip to check if the device has a flip screen
  • device.bt, device.wifi, and device.gps to check if the device supports Bluetooth, WiFi, and GPS, respectively
  • ro.product.brand and ro.product.name to get product details

Mobile ID

1"mobileid": {
2    app: DENY_ACTION,
3    privileged: PROMPT_ACTION,
4    certified: PROMPT_ACTION
5}

Privileged apps can request access to Mobile Identifiers like IMEI numbers using navigator.getMobileIdAssertion requires the mobileid permission, which always prompts the user to accept or reject.

Settings

 1"settings:wallpaper.image": {
 2    app: DENY_ACTION,
 3    privileged: ALLOW_ACTION,
 4    certified: ALLOW_ACTION,
 5    access: ["read", "write"],
 6    additional: ["settings-api"]
 7},
 8"settings": {
 9    app: DENY_ACTION,
10    privileged: DENY_ACTION,
11    certified: ALLOW_ACTION,
12    access: ["read", "write"],
13    additional: ["indexedDB-chrome-settings", "settings-api"]
14},
15"settings-clear": {
16    app: DENY_ACTION,
17    privileged: DENY_ACTION,
18    certified: DENY_ACTION,
19    additional: ["indexedDB-chrome-settings", "settings-api"]
20},

Only the special settings:wallpaper.image is available to Privileged apps. This permission was removed in KaiOS 3.0 and allows apps to set the wallpaper.image setting, changing the system-wide wallpaper image without prompting the user.

External API

1"external-api": {
2    app: DENY_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

Despite the generic sounding name, the External API via navigator.externalapi is a very limited API that only provides access to a token used by the API Daemon. It’s primarily used for KaiOS 3.0 apps that need access to these APIs.

Spatial Navigation

1"spatialnavigation-app-manage": {
2    app: DENY_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

The spatialnavigation-app-manage permission provides access to the boolean property, navigator.spatialNavigationEnabled, which can be read or written. This toggles on or off the virtual cursor within your app.

Sandboxed Cookies

1"sandboxed-cookies": {
2    app: ALLOW_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

If an app specifically sets the sandboxed-cookies permission in its manifest, this will force reading/writing cookies of this app individually, a.k.a. no SSO service.

Web Components

1"moz-extremely-unstable-and-will-change-webcomponents": {
2    app: DENY_ACTION,
3    trusted: DENY_ACTION,
4    privileged: ALLOW_ACTION,
5    certified: ALLOW_ACTION
6}

Web Components are disabled by default and only available via the moz-extremely-unstable-and-will-change-webcomponents permission. This permission gives access to an unstable version of the Web Components APIs, allowing access to the Shadow DOM and the registration of custom elements, i.e. <x-button>.

KaiOS Accounts

 1"kaios-accounts": {
 2    app: DENY_ACTION,
 3    trusted: DENY_ACTION,
 4    privileged: DENY_ACTION,
 5    certified: ALLOW_ACTION
 6},
 7"kaios-accounts:service": {
 8    app: DENY_ACTION,
 9    trusted: DENY_ACTION,
10    privileged: PROMPT_ACTION,
11    certified: ALLOW_ACTION,
12    substitute: ["kaios-accounts"]
13}

Used for identity management via KaiOS Accounts.

SecureElement

1"secureelement-manage": {
2    app: DENY_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

The Secure Element API enables access to the Secure Element (SE), a chip that is protected by design from unauthorized access. On KaiOS this is accessible via navigator.seManager with the secureelement-manage permission.

Presentation

1"presentation": {
2    app: DENY_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

The presentation permission provides access to the Presentation API via navigator.presentation.

Note: the dom.presentation.enabled preference is disabled by default, and the Presentation API is not usable on KaiOS.

Test Permission

1"test-permission": {
2    app: PROMPT_ACTION,
3    privileged: PROMPT_ACTION,
4    certified: ALLOW_ACTION,
5    access: ["read", "write", "create"]
6}

Per KaiOS Documentation:

This permission doesn’t actually grant access to anything. It exists only to check the correctness of web prompt composed permissions in tests.

China Type Approval (CTA)

1"permissions": {
2  "mobiledata": { },
3  "wifidata": { }
4}

Due to regional regulations, apps that need network access (i.e. KaiAds or Analytics) and intend to be published on the KaiStore in China, the mobiledata and wifidata permissions are required. Additionally, for privileged & certified apps the calllog permission is also required for KaiOS 2.5.2.1 and 2.5.4.1.

Certified

The remaining permissions are only available to Certified apps.

  1"mmi-test": {
  2    app: DENY_ACTION,
  3    privileged: DENY_ACTION,
  4    certified: ALLOW_ACTION
  5},
  6"network-events": {
  7    app: DENY_ACTION,
  8    privileged: DENY_ACTION,
  9    certified: ALLOW_ACTION
 10},
 11sms: {
 12    app: DENY_ACTION,
 13    privileged: DENY_ACTION,
 14    certified: ALLOW_ACTION
 15},
 16telephony: {
 17    app: DENY_ACTION,
 18    privileged: DENY_ACTION,
 19    certified: ALLOW_ACTION
 20},
 21mobileconnection: {
 22    app: DENY_ACTION,
 23    privileged: DENY_ACTION,
 24    certified: ALLOW_ACTION
 25},
 26power: {
 27    app: DENY_ACTION,
 28    privileged: DENY_ACTION,
 29    certified: ALLOW_ACTION
 30},
 31softkey: {
 32    app: DENY_ACTION,
 33    trusted: DENY_ACTION,
 34    privileged: DENY_ACTION,
 35    certified: ALLOW_ACTION
 36},
 37permissions: {
 38    app: DENY_ACTION,
 39    privileged: DENY_ACTION,
 40    certified: ALLOW_ACTION
 41},
 42phonenumberservice: {
 43    app: DENY_ACTION,
 44    privileged: DENY_ACTION,
 45    certified: ALLOW_ACTION
 46},
 47"backgroundservice": {
 48    app: DENY_ACTION,
 49    privileged: DENY_ACTION,
 50    certified: ALLOW_ACTION
 51},
 52"networkstats-manage": {
 53    app: DENY_ACTION,
 54    privileged: DENY_ACTION,
 55    certified: ALLOW_ACTION
 56},
 57"resourcestats-manage": {
 58    app: DENY_ACTION,
 59    privileged: DENY_ACTION,
 60    certified: ALLOW_ACTION
 61},
 62"wifi-manage": {
 63    app: DENY_ACTION,
 64    privileged: DENY_ACTION,
 65    certified: ALLOW_ACTION
 66},
 67"voicemail": {
 68    app: DENY_ACTION,
 69    privileged: DENY_ACTION,
 70    certified: ALLOW_ACTION
 71},
 72"idle": {
 73    app: DENY_ACTION,
 74    privileged: DENY_ACTION,
 75    certified: ALLOW_ACTION
 76},
 77"time": {
 78    app: DENY_ACTION,
 79    privileged: DENY_ACTION,
 80    certified: ALLOW_ACTION
 81},
 82"background-sensors": {
 83    app: DENY_ACTION,
 84    privileged: DENY_ACTION,
 85    certified: ALLOW_ACTION
 86},
 87cellbroadcast: {
 88    app: DENY_ACTION,
 89    privileged: DENY_ACTION,
 90    certified: ALLOW_ACTION
 91},
 92"open-remote-window": {
 93    app: DENY_ACTION,
 94    privileged: DENY_ACTION,
 95    certified: ALLOW_ACTION
 96},
 97"input-manage": {
 98    app: DENY_ACTION,
 99    privileged: DENY_ACTION,
100    certified: ALLOW_ACTION
101},
102"wappush": {
103    app: DENY_ACTION,
104    privileged: DENY_ACTION,
105    certified: ALLOW_ACTION
106},
107"downloads": {
108    app: DENY_ACTION,
109    privileged: DENY_ACTION,
110    certified: ALLOW_ACTION
111},
112"themeable": {
113    app: DENY_ACTION,
114    privileged: DENY_ACTION,
115    certified: ALLOW_ACTION
116},
117"engineering-mode": {
118    app: DENY_ACTION,
119    privileged: DENY_ACTION,
120    certified: ALLOW_ACTION
121},
122"tv": {
123    app: DENY_ACTION,
124    privileged: DENY_ACTION,
125    certified: ALLOW_ACTION
126},
127"before-after-keyboard-event": {
128    app: DENY_ACTION,
129    privileged: DENY_ACTION,
130    certified: ALLOW_ACTION
131},
132"presentation-device-manage": {
133    app: DENY_ACTION,
134    privileged: DENY_ACTION,
135    certified: ALLOW_ACTION
136},
137"requestsync-manager": {
138    app: DENY_ACTION,
139    privileged: DENY_ACTION,
140    certified: ALLOW_ACTION
141},
142"inputport": {
143    app: DENY_ACTION,
144    privileged: DENY_ACTION,
145    certified: ALLOW_ACTION
146},
147"system-update": {
148    app: DENY_ACTION,
149    privileged: DENY_ACTION,
150    certified: ALLOW_ACTION
151},
152"open-hidden-window": {
153    app: DENY_ACTION,
154    privileged: DENY_ACTION,
155    certified: ALLOW_ACTION
156},
157"system-app-only-audio-channels-in-app": {
158    app: DENY_ACTION,
159    privileged: DENY_ACTION,
160    certified: ALLOW_ACTION
161},
162"killswitch": {
163    app: DENY_ACTION,
164    trusted: DENY_ACTION,
165    privileged: DENY_ACTION,
166    certified: ALLOW_ACTION
167},
168flip: {
169    app: DENY_ACTION,
170    trusted: DENY_ACTION,
171    privileged: DENY_ACTION,
172    certified: ALLOW_ACTION
173},
174flashlight: {
175    app: DENY_ACTION,
176    trusted: DENY_ACTION,
177    privileged: DENY_ACTION,
178    certified: ALLOW_ACTION
179},
180"datacall": {
181    app: DENY_ACTION,
182    trusted: DENY_ACTION,
183    privileged: DENY_ACTION,
184    certified: ALLOW_ACTION
185},
186"keyboard-event-generator": {
187    app: DENY_ACTION,
188    trusted: DENY_ACTION,
189    privileged: DENY_ACTION,
190    certified: ALLOW_ACTION
191},
192"customization": {
193    app: DENY_ACTION,
194    privileged: DENY_ACTION,
195    certified: ALLOW_ACTION
196},
197"deviceconfig": {
198    app: DENY_ACTION,
199    privileged: DENY_ACTION,
200    certified: ALLOW_ACTION
201},
202"engmode-extension": {
203    app: DENY_ACTION,
204    privileged: DENY_ACTION,
205    certified: ALLOW_ACTION
206},
207"cloud-authorization": {
208    app: DENY_ACTION,
209    privileged: DENY_ACTION,
210    certified: ALLOW_ACTION
211},
212"fota": {
213    app: DENY_ACTION,
214    privileged: DENY_ACTION,
215    certified: ALLOW_ACTION
216},
217"libsignal": {
218    app: DENY_ACTION,
219    privileged: DENY_ACTION,
220    certified: ALLOW_ACTION
221},
222"wamedia": {
223    app: DENY_ACTION,
224    privileged: DENY_ACTION,
225    certified: ALLOW_ACTION
226}

Most of these permissions are not meant for third-party application use. However, a few can be useful in specific scenarios. For instance:

  • sms to send & read SMS messages. Useful for improving user experience (UX) when sending One Time Passwords (OTPs) via SMS without the user needing to leave and re-enter your app
  • flashlight for toggling on & off the flashlight (aka torch)
  • requestsync-manager for triggering a background script to run on regular internals (i.e. daily) and under specification conditions (i.e. only when WiFi is available)
  • downloads for storing and accessing system-wide downloads

KaiOS 2.5.3+ permissions

Some of the permissions below were found on new KaiOS 2.5 devices like the JioPhone Prima 4G (F491H) running KaiOS 2.5.3.2.

Sound Trigger

1"sound-trigger": {
2    app: DENY_ACTION,
3    privileged: DENY_ACTION,
4    certified: ALLOW_ACTION
5}

Exposes the navigator.soundTriggerManager API based on [Android’s Sound Trigger])https://source.android.com/docs/core/audio/sound-trigger. Used for AOV (Always-On local Voice) that supports wake words like “Hello Jio.” Located in libsoundtrigger.so and libsoundtriggerservice.so.

1interface SoundTriggerManager {
2    getSupportList: Model[];
3    set(model: Model): void;
4    start(wakeWords: string[]): void;
5    stop(): void;
6    onrecognitionresult: EventHandler;
7    onstatechange: EventHandler;
8}

Teereader

1"teereader-manage": {
2    app: DENY_ACTION,
3    privileged: DENY_ACTION,
4    certified: ALLOW_ACTION
5}

eMBMs - Multimedia Broadcast Multicast Service (MBMS)

1"embms": {
2    app: DENY_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

Exposes the navigator.lteBroadcastManager API.

1interface LteBroadcastManager {
2    coverage;
3    setServiceClassFilter;
4    getService: LteBroadcastService;
5    getSAI; // Service Area Identifier
6}

Dongle Manager

1"donglemanager": {
2    app: DENY_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

Exposes the navigator.dongleManager API for the JioPhone Media Cable.

1interface DongleManager {
2    dongleStatus: string;
3    ondonglestatuschange: EventHandler;
4    usbIpAddress: string;
5}

Device Financing (DFC)

1"dfc": {
2    app: DENY_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

Exposes the navigator.dfc API for keeping track of device financing.

Device Security Info

1"device-sec-info": {
2    app: DENY_ACTION,
3    privileged: ALLOW_ACTION,
4    certified: ALLOW_ACTION
5}

Exposes the navigator.getDeviceSecInfoManager API for checking if the device is rooted. On the JioPhone, this is used to disable JioPay on rooted devices.

1interface DeviceSecInfoManager {
2    isRooted: boolean;
3    onrootedchange: EventHandler;
4}

Cross Domain Content and Unsafe Content Script

unsafe-content-script are cross-domain-content special permission not defined in PermissionsTable.jsm. cross-domain-content accepts an array of URLs to authorize access to for each content script.

1"cross-domain-content": [ "https://api.kai.jiophone.net/" ],

New to KaiOS 3.0

The following permissions are new to KaiOS 3.0 and were derived from builds extracted from the Nokia 2780 Flip. Note that in KaiOS 3.0, web apps are now pwa, Privileged apps are now signed and Certified apps are now core.

Account Observer

 1"account-manager": {
 2    pwa: DENY_ACTION,
 3    signed: DENY_ACTION,
 4    core: ALLOW_ACTION,
 5},
 6"account-observer-activesync": {
 7    pwa: DENY_ACTION,
 8    signed: ALLOW_ACTION,
 9},
10"account-observer-google": {
11    pwa: DENY_ACTION,
12    signed: ALLOW_ACTION,
13},
14"account-observer-kaiaccount": {
15    pwa: DENY_ACTION,
16    signed: ALLOW_ACTION,
17}

Allows an application to observe changes to Google, ActiveSync, and KaiAccounts using new WebActivity('account-manager', data) where data is an object specifying a specific action like getAccounts.

Power Supply

1"powersupply": {
2    pwa: DENY_ACTION,
3    signed: ALLOW_ACTION,
4    core: ALLOW_ACTION,
5}

Provides access to the Power Supply API via navigator.b2g.powerSupplyManager with the following properties:

  • powerSupplyOnline, a boolean
  • powerSupplyType, a string like 'USB' specifying the power supply type

As well as the following events:

  • chargingchange
  • levelchange
  • statuschange
  • powersupplystatuschanged

USB Manager

1usb: {
2    pwa: DENY_ACTION,
3    signed: ALLOW_ACTION,
4    core: ALLOW_ACTION,
5}

Provides access to the USB Manager API via navigator.b2g.usbManager with the following properties:

  • deviceAttached, a boolean property indicating if the device is attached is attached via USB
  • onusbstatuschange, a callback triggered when the USB status has changed

Virtual Cursor

1virtualcursor: {
2    pwa: DENY_ACTION,
3    signed: ALLOW_ACTION,
4    core: ALLOW_ACTION,
5}

This permission was renamed from spatialnavigation-app-manage on KaiOS 2.5, but serves the same purpose. Provides access to the Virtual Cursor API via navigator.b2g.virtualCursor, with the following properties:

  • enabled, a boolean property indicating if the virtual cursor is enabled
  • enable and disable, functions to enable and disable the virtual cursor, respectively

Web View

1 "web-view": {
2    pwa: DENY_ACTION,
3    signed: ALLOW_ACTION,
4    core: ALLOW_ACTION,
5}

Allows apps to use the special <web-view> element, rendering a website within an app similar to an iframe. The <web-view> element includes special properties:

  • src, the URL of the page to load.
  • remote, a boolean to decide if that browser should load content in a content process.
  • ignorefocus, a boolean that when set let the browser get pointer events without focusing it. This is useful for virtual keyboard frames.
  • transparent, a boolean that, if true, the background of the browser will be transparent instead of white.

Worker Activity

1"worker-activity": {
2    pwa: DENY_ACTION,
3    signed: ALLOW_ACTION,
4    core: ALLOW_ACTION,
5}

The worker-activity permission allows triggering a Web Activity from a background Worker or ServiceWorker. For instance, this could allow the user to click on a Notification and trigger a Web Activity.

Certified

KaiOS 3.0 also introduces a number of permissions only for Certified apps, including the following.

 1"background-window": {
 2    pwa: DENY_ACTION,
 3    signed: DENY_ACTION,
 4    core: ALLOW_ACTION,
 5},
 6battery: {
 7    pwa: DENY_ACTION,
 8    signed: DENY_ACTION,
 9    core: ALLOW_ACTION,
10},
11"bluetooth-privileged": {
12    pwa: DENY_ACTION,
13    signed: DENY_ACTION,
14    core: ALLOW_ACTION,
15},
16engmode: {
17    pwa: DENY_ACTION,
18    signed: DENY_ACTION,
19    core: ALLOW_ACTION,
20},
21"ime-connect": {
22    pwa: DENY_ACTION,
23    signed: DENY_ACTION,
24    core: ALLOW_ACTION,
25},
26omacpmsg: {
27        pwa: DENY_ACTION,
28    signed: DENY_ACTION,
29    core: ALLOW_ACTION,
30},
31OmaService: {
32    pwa: DENY_ACTION,
33    signed: DENY_ACTION,
34    core: ALLOW_ACTION,
35},
36"process-manager": {
37    pwa: DENY_ACTION,
38    signed: DENY_ACTION,
39    core: ALLOW_ACTION,
40},
41rsu: {
42    pwa: DENY_ACTION,
43    signed: DENY_ACTION,
44    core: ALLOW_ACTION,
45},
46"system-time": {
47    pwa: DENY_ACTION,
48    signed: DENY_ACTION,
49    core: ALLOW_ACTION,
50    access: ["read", "write"],
51},
52tethering: {
53    pwa: DENY_ACTION,
54    signed: DENY_ACTION,
55    core: ALLOW_ACTION,
56}

Removed in KaiOS 3.0

The following permissions were moved or removed in KaiOS 3.0:

  • geolocation-noprompt (use geolocation)
  • mmi-test
  • udp-socket (API removed)
  • network-events
  • speech-recognition
  • browser
  • browser:universalxss
  • browser:embedded-system-app
  • push (no longer needed)
  • serviceworker (no longer needed)
  • settings-clear
  • softkey (removed navigator.softkeyManager)
  • phonenumberservice (removed navigator.mozPhoneNumberService)
  • global-clickthrough-overlay
  • moz-attention
  • homescreen-webapps-manage
  • backgroundservice
  • resourcestats-manage
  • idle
  • time (replaced by system-time)
  • embed-apps
  • embed-widgets
  • moz-audio-channel-telephony (use audio-channel-telephony)
  • moz-audio-channel-ringer (use audio-channel-ringer)
  • open-remote-window
  • input-manage
  • audio-capture:3gpp (use audio-capture)
  • audio-capture:3gpp2 (use audio-capture)
  • nfc
  • nfc-share
  • nfc-manager
  • nfc-hci-events
  • mobileid
  • test-permission
  • kaios-accounts (replaced by account-observer-kaiaccount)
  • kaios-accounts:service (replaced by account-observer-kaiaccount)
  • themeable
  • settings:wallpaper.image
  • engineering-mode (replaced by engmode)
  • tv
  • before-after-keyboard-event
  • presentation-device-manage
  • requestsync-manager (API removed)
  • secureelement-manage
  • inputport
  • system-update
  • presentation
  • open-hidden-window
  • moz-extremely-unstable-and-will-change-webcomponents (no longer needed)
  • system-app-only-audio-channels-in-app
  • keyboard-event-generator
  • customization
  • deviceconfig (replaced by device-configuration)
  • external-api
  • engmode-extension
  • spatialnavigation-app-manage (replaced by virtualcursor)
  • sandboxed-cookies (now the default behavior on KaiOS 3.0)
  • libsignal (now requires systemXHR)
  • wamedia

Conclusion

With over 100 permissions, and major differences between KaiOS 2.5 and 3.0, it can be difficult knowing which APIs and permissions can be used for an optimal user experience. If you need an experienced partner to guide your KaiOS development, contact the author from the About page.

CATALOG
    FEATURED TAGS
    KaiOS Security Developer Apps Tips KaiStore Permissions Showcase API Bharat Jio JioStore KaiAds Memory Nokia Optimizing Phone Privacy 4G About