Transparency First: Why Dhan App requires specific permissions and what this means for you!

Hi All,

Recently, we came across posts on social media, talking about permissions taken by financial apps, particularly about apps from Investing / Stock Trading platforms.

While we have always taken the Customer First approach on everything that we do, we felt the posts generalise the thought process that apps that take less permissions are good. We felt we should transparently write about our own perspectives on this topic and give our users a full picture of this.

Even when Dhan was a small business with hardly any users or traction, we wrote publicly about our User-First Policy and have lived with it every day. We understand Data & Privacy is an extremely important aspect of every user, and we introduced our User Data Management Policy where we delete all personal data that users have shared with us while they created their accounts and eventually forgot about it. We believe that we possibly may be the only Financial Services company in India to have both these publicly stated policies.

While building Dhan, we have focused on product experience for all traders and investors, with technology that empowers it all. While building this experience, we have made sure not to let Data, Privacy, Cybersecurity, and such important aspects of your journey take a back seat.

At Dhan, trust and transparency aren’t just words - they’re fundamental to our operations. This stands true for all aspects, wherein we share our approaches, roadmaps and philosophy open in public, or with this very community. As a financial services company, we adhere strictly to regulatory requirements and data protection standards, ensuring we collect only what’s necessary for security, functionality, and regulatory compliance.

Our process for requesting app permissions involves a rigorous internal evaluation. We analyze every permission for necessity, functionality, and compliance with financial and legal regulations. Certain permissions, such as location tracking, that are mandatory to meet SEBI guidelines ensuring the user is an Indian citizen, doing KYC within India. Others, like permissions associated with Google services, are often automatically included when we leverage some of Google’s technology stack—Firebase, for instance.

Here’s an explicit breakdown of the permissions the Dhan app requests, and exactly why we need each of them:

Permission Category Specific Permission Detailed Explanation
Camera Take pictures and videos Used for Know Your Customer (KYC) verification processes, allowing users to capture and securely upload necessary identification documents directly within the App.

Post KYC, this permission is not used and can be disabled without hampering app performance.

This helps us broadly adhere to regulations in aspects of Onboarding, KYC, Dormancy, and also a few cases where we seek Video IPV for critical KYC updates like Mobile, Email, Address, Nominations, etc.
Contacts Reading Contacts Referrals is the biggest source of discovery for Dhan, the only reason we have grown is because of word-of-mouth when friends share their Dhan experience with their friends.

Simplifies the process of inviting friends to Dhan, enabling smoother referrals and enhancing it by sharing referral incentives or credits.


We understand some users may not be comfortable with this, and hence this remains an optional permission.
Location Access precise location only in foreground

Access approximate location only in foreground
Capturing your Lat-Long is a mandatory requirement for your KYC process.

Additionally, it also helps enhance account security by detecting suspicious logins if there is no history of the user accessing the trading account from that location earlier.
Microphone Record audio Required during account opening process, to check liveliness of users, as part of onboarding and KYC regulations.

Post KYC, this permission is not used and can be disabled without hampering app performance.
Storage Modify or delete contents of shared storageRead contents of shared storage Essential for secure management of downloaded transaction reports, portfolio statements, and other important trading documents.

Trading apps also generate a lot of data, and we use local caching techniques to ensure that apps are optimised for faster performance.
Other Advertising ID permission Automatically included due to integration with Google services, aiding in targeting users for marketing activities.
Run foreground service Ensures critical app functions like live price updates and trading executions run smoothly and uninterrupted.
Run at startup Allows timely delivery of market alerts, updates, and essential notifications immediately upon device startup.
Read badge notifications Helps track notifications accurately, ensuring you never miss out on essential market movements or critical updates regarding orders and your trading account.
View network connections Enables the app to optimize its performance by understanding current connectivity status, crucial for real-time trading.
Prevent phone from sleeping Keeps your app active during critical trading sessions, ensuring uninterrupted trading experiences, especially when you have an open position and/or trade.
Access to AdId API Automatically included due to integration with Google services, not accessed by our system.
View Wi-Fi connections Evaluates the best network connections to deliver uninterrupted access to trading services and data.
Use fingerprint hardware & biometric hardware Crucial for offering a secure, fast, and convenient way to authenticate user access and approve financial transactions through biometric verification.
Receive data from Internet Ensures timely reception of real-time market data, trading notifications, and essential updates.
Read Google service configuration Necessary for seamless integration and optimal functioning of Google’s backend services used by our app, like Firebase.
Control vibration Enhances the user experience with tactile feedback, providing immediate alerts and notifications about important events or trade executions.
Have full network access Required for the comprehensive functioning of real-time market updates, trade executions, and data synchronization.
Play Install Referrer API & access AdServices Attribution APIs Automatically included due to integration with Google services such as Firebase, aiding in the measurement of our app’s performance, marketing efficacy, and user engagement.

Every permission we request has undergone a meticulous evaluation to ensure it aligns strictly with our strict guidelines, compliance standards, and your security requirements.

A lot of these permissions are used one time, primarily for KYC and Onboarding, where in regulations make these necessary to do your onboarding journey in-app and entirely digital. These permissions include camera, microphone and location, which are not used after KYC is completed successfully. There are platforms which do the same KYC steps in a web-view inside the app, where you end up giving the same permissions to the platform. But in this scenario, you end up giving permission to the browser, which can be used by other apps and the browser itself as well.

The second category of permissions are like storage, network, wifi, running at foreground, startup and similar, which are important for the app itself to run and ensure that your trading experience is smooth. And the last ones include Google services related APIs, which are not directly used by Dhan itself.

We hope this helps you understand the permissions that we take as part of delivering experience. Your trust drives every decision we make.

We’re committed to maintaining transparency and encourage you to reach out with any further questions or feedback!

6 Likes

No. One can login using mobile number and password / PIN too. So camera is optional for those who don’t login by QR scan.

Dhan has trackers everywhere, it is fine in some places but not ON MY TRADING SCREEN!!, open dhan TV on safari and see the trackers, duckduckgo gives d grade!, it is like having cctv on my washroom! either remove trackers or give an option to opt out. Also i use brave to evade trackers but Journal does not even work on brave browser because it needs to load HOTJAR! @shraddha do you think your customers will be fine with it when they know what output hotjar gives? who thought this is fine on a financial app? if i ever switch back to zerodha, it is definitely going to be because of lack of trust arising from these things

Hi @suhas_a We have transparently explained the rationale of all information collected and how this is used, if it is ever being used.

Specific to hotjar, it is to understand how our users are browsing and using our features, the inputs help us to improve usability of the products & features. Specifically again to hotjar, in our integration with them - any personal data, or any number (say ltp of a stock) is anonymised and not shared with the platform and even with us. Only behavioural patterns are studied, when we move to new features or implement them - we remove these trackers.

We also track the market & competition. Going back to the origins of the post, it is ironic that the same platform who initiated this thread and discussions on privacy and data permissions, uses these permissions on its own mutual fund investment app.

As you are concerned about tracking of trades, here is another interesting thread where we have outright denied reading user’s trading activity (even if it benefits us v/s the same competition) and the platform in discussion induces delays to user’s trades - Margin Update Delay at Zerodha & Dhan - Ongoing conversation

We have been consistent and transparent on our approach, don’t want to scream holier-than-thou selectively and in situations where it is beneficial and avoid when it is not.

Yes. I spent 5 yrs with the platform and figured out that talk doesn’t match with actions. They just try to paint a picture that they are sitting on some moral high ground relative to peers. I don’t take them seriously anymore.

I don’t think they are tracking user orders. They are just respecting sequence of order legs in a basket like other brokers and rest is just normal order routing and processing delay. Since the orders in a basket go in sequence and gets executed the margin released from first order leg is available before the second leg is executed and so the order execution doesn’t fail.

1 Like

My point being user should have an option to opt out of these trackers at least on trading screen like TV (what you do with trackers is not my concern, my concern is that there are trackers where i don’t feel comfortable having, anyway brave browser fixes this for me or does it?). I understand why hotjar is being used but to not let me use a feature because I use a browser that blocks trackers is not right. I have used zerodha, dhan, fyers extensively and I chose dhan but these things still concern me. (I left fyers the moment I discovered they were pocketing extra brokerage in the name of clearing member charges that too in percentage. They have excellent web platform as well but cant put my money where trust is broken, for any serious trader trust is number one factor, hope you understand)

1 Like

@t7support Ahh. Finally somebody on the same frequency as me. I suspect shady things even, like analyzing user trade data to pinpoint trading patterns and eating into all profitable alpha by the moral high ground platform.

Came across this news from a YouTuber called ‘A Digital Blogger’

https://x.com/adigitalblogger/status/1910324081620025511

1 Like

And therefore Dhan has my immense respect. I believe, the only platform where the whole team and founder come out in the open to say - THAT THEY DON’T TRACK STRATEGIES AND ANALYZE TRADING PATTERNS.

Dhan is holy enough. @PravinJ

They always say everything is done for the customer. But just checkout their customer support and customers will understand how much they care for the customer. When I was there it felt like bots responding with no connection to the query being posted in their support ticket system. Then whenever glitch happens everything is passed on to some third party and platform shows no accountability. Finally I decided it’s time to move on and now with Dhan :hugs:

As competition has picked up now I can see them doing things that they were resistant to do earlier citing a unique moral compass :upside_down_face:

1 Like

@t7support I don’t want my money to be Zero. I want Wealth now. :grimacing:

1 Like

Noted @suhas_a. We understand.

All actions at Dhan are taken with the same lens - would it be comfortable for us if we were in shoes of our customers. If no, then we don’t do that.

1 Like

Thanks for acknowledging, I love trading on dhan, hopefully I will scale my capital as fast as dhan is scaling!

2 Likes