I always try to limit the number of permissions my apps shall require. But my apps are typically feature-rich, and will therefore need many permissions to support the required functionality of the app.
Most of my apps have ads, and ads require many permissions. All vendors of ads on Windows (Microsoft, AdDuplex, Smaato++) require
the apps that show their adbanners to have at least the following permissions:
- IDENTIFY_USER (owner identity)
- MEDIALIB_PHOTO (photo and video libraries)
- NETWORKING (data services)
- PHONEDIALER (phone dialer)
- WEBBROWSERCOMPONENT (web browser component)
The paid version of my apps are always the exact same app/code as the ad-versions, the code just "decides" to show the adbanner or not.
This means that all my apps will require these requirements, even the paid version, since it is the same physical code/app as the ad-version.
All these requirements are logical, even though they might not sound logical on first glance.
For example the "phone dialer"-requirement is because an ad can show a "Tap to call XXX-XXXX for more info" or similarily.
Note that an app (or an adbanner in this case) can never
call a number directly without you activly approving each single call.
This since Microsoft has designed Windows Phone so that it is impossible for an developer to call a number directly.
When an app tries to call "XXX-XXXX", Windows takes over and shows you a popup-message asking you "Do you want to dial XXX-XXXX?", and then you have to tap "YES" before the call goes through.
The "phone dialer"-permission is needed for the app to just be able to ask
you to call a number every time it try to call. Without that permission, it will not even be able to ask.
So for Windows Store apps, this requirement far from as "dangerous" as it sounds.