I have the exact same problem.

I've just created an app using Vuforia for an enterprise customer, and in order to get it approved through their security audit, they need to know what the app is sending.

Things like: android.permission.READ_PHONE_STATE   don't help me much, since this basically states that the app can check who and when I'm calling people. Why on earth should an AR library need this info?

On IOS it's not even clear what is queried (and why).

Can someone from Vuforia give us a detailed explanation what exactly is sent and what is done with it? There is no reason to keep this a secret right?

thanks!

Thanks for your quick reply. I understand the need for data connectivity, but why is android.permission.READ_PHONE_STATE required?

According to the Android docs:

Allows the app to access the phone features of the device. This permission allows the app to determine the phone number and device IDs, whether a call is active and the remote number connected by a call.

Hi,

the following article explains the purpose of the extensions and the type of data exchanged over the network:

https://developer.vuforia.com/resources/dev-guide/android-permissions

In particular, network connection is required for downloading device optimization parameters and also for uploading anonymous usage data.

The same basically applies to iOS devices, although on iOS there is no equivalent of the Android permissions (meaning that you basically have all "permissions" enabled without the need to specify them in a manifest file).

I have the exact same question. Is every permission really necessary and, if so, what exactly is done with it?

Thanks.