If you have ever tried to manage files on an Android device, you probably noticed that things work differently depending on which version of Android you are running. Starting with Android 10, Google introduced a fundamental shift in how apps interact with the file system. This change, known as Scoped Storage, redefined the rules around reading and writing files on shared storage. For users who sideload apps, manage OBB files, or work with file managers, understanding scoped storage is essential.
In this article, we will explore what scoped storage is, why Google implemented it, how it affects everyday users and developers, and what it means for anyone who installs APK or XAPK files outside of the Play Store.
The Problem with the Old Storage Model
Before Android 10, any app that requested the READ_EXTERNAL_STORAGE or WRITE_EXTERNAL_STORAGE permission could access virtually any file on the device's shared storage. This included photos, documents, downloads, and even files created by other apps. While this made file management convenient, it created serious privacy and security concerns.
Consider a simple flashlight app. Under the old model, if you granted it storage permission, it could silently read your photos, scan your downloaded documents, or even modify files belonging to other applications. There was no granular control. You either gave an app full access to your entire storage or denied it completely.
This broad access led to real-world problems. Some apps harvested user data by scanning storage for sensitive files. Others left behind orphaned files that cluttered the device long after the app was uninstalled. Google needed a solution that balanced usability with privacy, and scoped storage was their answer.
What Scoped Storage Actually Does
Scoped storage fundamentally changes the relationship between apps and the file system. Under this model, each app gets its own private sandbox on external storage, typically located at /Android/data/[package.name]/. Apps can freely read and write within their own sandbox without needing any permissions at all.
However, accessing files outside of this sandbox requires going through controlled APIs. Here is how the new model works:
App-Specific Storage
Every app has a dedicated directory that only it can access. When the app is uninstalled, this directory is automatically cleaned up. No other app can read or write to this location without root access. This eliminates the problem of orphaned files and prevents cross-app data snooping.
Media Collections
For shared media like photos, videos, and audio files, Android provides the MediaStore API. Apps can contribute media to shared collections and read media created by other apps, but only through this structured interface. An app can see its own media without any permission, but accessing other apps' media requires the READ_MEDIA_IMAGES, READ_MEDIA_VIDEO, or READ_MEDIA_AUDIO permissions introduced in Android 13.
Storage Access Framework
For documents and other non-media files, apps must use the Storage Access Framework (SAF). This presents a system file picker to the user, who explicitly chooses which files or directories the app can access. The app never gets blanket access to the entire file system.
The MANAGE_EXTERNAL_STORAGE Permission
For apps that genuinely need broad file access, such as file managers, backup tools, and antivirus software, Android provides the MANAGE_EXTERNAL_STORAGE permission. However, this permission requires special approval from Google for apps distributed through the Play Store, and users must manually grant it through system settings rather than a simple dialog.
The Rollout Timeline
Google did not enforce scoped storage overnight. The transition happened gradually:
- Android 10 (API 29): Scoped storage was introduced but apps could opt out using
requestLegacyExternalStorage="true"in their manifest. This gave developers time to adapt. - Android 11 (API 30): The legacy flag was ignored for apps targeting API 30 or higher. Scoped storage became mandatory for new and updated apps on the Play Store.
- Android 12 and beyond: Further refinements were made, including granular media permissions and improved SAF performance.
- Android 13 (API 33): The broad
READ_EXTERNAL_STORAGEpermission was deprecated in favor of specific media permissions. - Android 14 (API 34): Partial photo and video access was introduced, allowing users to grant access to specific files rather than entire media libraries.
How Scoped Storage Affects Sideloading
For users who install apps from outside the Play Store, scoped storage introduces some practical challenges that are worth understanding.
Downloading and Accessing APK Files
When you download an APK file through a browser, it typically lands in the Downloads folder. Under scoped storage, the browser app owns that file. If you want to install it using a different app, such as a file manager, that file manager needs appropriate access. Most modern file managers handle this correctly through SAF, but older ones may struggle.
The system package installer can still access files you explicitly select through the file picker, so the basic flow of downloading and installing an APK still works. However, automated installation workflows that relied on direct file path access may break.
OBB Files and Game Data
This is where scoped storage creates the most friction for sideloaders. Many large games use OBB (Opaque Binary Blob) files stored in /Android/obb/[package.name]/. Under the old model, you could simply copy OBB files to the correct directory using any file manager.
With scoped storage, the /Android/obb/ directory is restricted. On Android 11 and later, regular apps cannot write to another app's OBB directory. This means that if you download an XAPK file that contains OBB data, the installer needs special handling to place those files correctly.
Tools like our OBB Extractor can help you extract OBB files from XAPK packages, but placing them in the correct directory on newer Android versions may require using a file manager with MANAGE_EXTERNAL_STORAGE permission or using ADB commands from a computer.
XAPK Installation Considerations
XAPK files bundle an APK together with OBB data and sometimes split APK configurations. Installing these on devices running Android 11 or later requires an installer that understands scoped storage restrictions. The installer needs to either hold the MANAGE_EXTERNAL_STORAGE permission or use the proper APIs to place OBB files in the correct location.
This is one reason why converting XAPK files to standard APK format can be useful. A standalone APK does not require OBB file placement, simplifying the installation process on newer Android versions. You can use our XAPK to APK converter to extract the base APK from an XAPK package.
What Developers Need to Know
If you are developing Android apps, scoped storage requires rethinking how you handle files:
- Use app-specific directories for any files that only your app needs. These require no permissions and are automatically cleaned up on uninstall.
- Use MediaStore for photos, videos, and audio that should be visible to other apps and survive uninstallation.
- Use SAF when your app needs to work with user-selected documents or directories.
- Avoid hardcoded file paths. Paths like
/sdcard/MyApp/are no longer reliable. UseContext.getExternalFilesDir()instead. - Test on multiple API levels. Behavior differs significantly between Android 10, 11, 13, and 14.
Migration Strategies
If your app previously stored files in shared storage, you need a migration plan. The recommended approach is to copy existing files to app-specific storage on first launch after the update, then delete the old copies. Use Environment.getExternalStorageDirectory() with the legacy flag during the transition period to read old files, then move them to the new location.
Common Misconceptions
"Scoped storage means apps cannot access any files"
This is false. Apps can still access their own files freely, contribute to shared media collections, and request access to specific files through the system picker. What changed is that apps can no longer silently browse the entire file system.
"File managers are broken on new Android versions"
File managers that request MANAGE_EXTERNAL_STORAGE still work. The user just needs to grant this special permission through settings. Most popular file managers have already adapted to this requirement.
"Scoped storage only affects the SD card"
Scoped storage applies to all shared storage, including internal shared storage. The term "external storage" in Android refers to shared storage that is accessible to multiple apps, not necessarily a physical SD card.
Practical Tips for Users
If you regularly sideload apps or manage files on your Android device, here are some practical recommendations:
- Use a modern file manager that supports
MANAGE_EXTERNAL_STORAGE. Apps like Solid Explorer, MiXplorer, and Total Commander have adapted well to scoped storage. - Grant permissions carefully. When a file manager asks for "All files access," understand that this is the
MANAGE_EXTERNAL_STORAGEpermission and is necessary for full functionality. - Use ADB for stubborn file operations. If you cannot place OBB files through a file manager, connecting your device to a computer and using
adb pushbypasses scoped storage restrictions entirely. - Convert complex packages to simpler formats. If an XAPK file is giving you trouble on a newer device, extracting just the APK component may be the path of least resistance.
- Keep your installer apps updated. Older versions of XAPK installers may not handle scoped storage correctly.
The Future of Android Storage
Google continues to refine the storage model with each Android release. Android 14 introduced partial media access, letting users share specific photos with an app rather than their entire library. Android 15 is expected to bring further improvements to the Storage Access Framework's performance and usability.
The trend is clear: Android is moving toward a model where users have fine-grained control over what each app can see and modify. While this creates some friction for power users and sideloaders, it significantly improves privacy and security for the broader user base.
Conclusion
Scoped storage represents one of the most significant changes to Android's architecture in recent years. By restricting apps to their own sandboxes and requiring explicit user consent for broader access, Google has dramatically improved the privacy posture of the platform. For users who sideload apps and manage files manually, understanding these restrictions helps you work around the occasional friction points. And for developers, adapting to scoped storage is not optional but rather a fundamental requirement for modern Android development.
Installing APKs, placing OBB files, and just managing storage day to day all run into the same system: scoped storage. Once you understand how it works, you are the one in control of your device, instead of being at the mercy of apps that might abuse broad file access.