I'm planning to release a mobile app, iOS/Android, to a specific set of users who operate in their personal gmails and apple accounts. In that case, I have to strictly stick to the following conditions.
The app should be available only for a specific set of users' personal devices.
PlayStore and AppStore registered for their personal emails.
Apps shouldn't be a TestFlight or Beta Apps
There should be a facility to push app updates to the users
There will be around 5,000+ users
Further, we have the following facilities
Apple Developer program and Apple Enterprise Program
Google Developer Console
Firebase with blaze plan
I have gone through Kaspersky MDM, Heka, Citrix, and Apple Business suite. None of those satisfies the total requirements. I'm looking for a solution for app distribution or OTA installation.
Related
I'm developing a hybrid app that requires an enterprise deployment that means it just needs to be deployed to some specific users in company and not public at all.
Something like it will depend on device id or something unique to make app run on user's device.
Can AppStore or Google Play implement this?
Thanks
On iOS, Apps can be deployed using an Enterprise in house profile.
(https://help.apple.com/deployment/ios/#/apd29c0f45f1)
Enterprise Apps have no limitation regarding the device ID installing the app, but are usually used in combination with a MDM controller, which enforce this part of the security.
Maybe the Google Play Private Channel is what you are looking for:
https://support.google.com/a/answer/2494992?hl=en
The Google Play Private Channel is a feature of the Google Play Store which lets you distribute Android apps internally to users in your Google Apps domain.
Hosting internal apps on the Private Channel allows you to control which users or user groups can download the apps.
I have a website that provides a service that customers pay a monthly subscription fee. I have created apps for Android and iOS to connect to the subscribed account. With this subscription they can connect an unlimited number of users with android/iOS applications to the account.
If I release the App into the Market as free but customers need to register for a paid subscription for the main account on the website then will be seen as a breach of the Market T&Cs for the Play Store and the App Store?
Thanks for any help.
You should be fine - some large companies do this, examples off the top of my head are: Rdio, Economist.
You can only purchase via their website, but by linking accounts you get full functionality.
The company gets to save on 30% fees, but the app is not allowed to provide any links to your purchase workflow on your website - otherwise that will violate the terms.
This is the same for both Android and iOS.
This is the Android version of App for limited or restricted audience
The project
I'm going to start a brand new project for one of our customers that will be deployed to our customer's suppliers to track on-field activity. I am skilled enough on Java/Android development so this question is only about deployment.
Owned vs provided devices
Our customer will either provide a Samsung Galaxy Ace 4 device to the suppliers or will allow the supplier to use their own Android 4 smartphone without warranties from us. Our customer currently has a Google for Business organization set up, but we cannot rely on that (see partial answer).
Technical (non functional) requirements
Ability to easily distribute application and updates across enterprise users.
Application should not be visible to the public
Application must be able to send crash reports so our team can inspect and investigate
The question is
Given the above "should not be visible to the public" statement, what is the most effective and efficient way to deploy an Android app targeted only for enterprise users?
I'll post a partial answer below. I'm asking others to enrich it with other possible means, including using Alpha/beta channels for which I don't have experience about
Currently, limited-audience Android applications can be deployed like this:
Publishing on Google Play as a free app for the public
Maybe adding a limitation to our country
Advantages:
Simplemost and well documented
Auto deployes updates as soon as no new permission is enforced
Collects crash reports on Dashboard
Disadvantages:
Everyone can download the app
This has the disadvantage that some organizations may not be happy as publicly available code might in some cases help exploit vulnerabilites on remote systems (but it is almost impossible if app is well-written and obfuscated)
If country limitation is enforced, imported devices won't download
Distributing the APK direct URL
Advantages:
The app remains private (enterprise users are surely not going to redistribute the app to friends as it's no use without enterprise credentials)
Disadvantages:
No crash reports unless implementing a third-party library
No auto updates unless implemented by custom code or third party library. Implementing auto updates prevents the app from being published to Google Play in the future, even on a private channel, as Play prohibits apps that auto-update themselves via third-party channels. Or, to be precise, the auto-update feature and Play publishing require, in order to exist together, maintaining two APKs
Google Play for Enterprise
As mentioned on this link, Google Play provides a private channel for app deploying for users withing a Google for Business organization. This is the perfect approach for applications that organization's users must use
Advantages:
Same as publishing for the public (simple, auto update, crash report)
Visible only to restricted audience
Disadvantages:
Every device must come with a Google account within the organization, and it will be economically unfeasible to [request the Sysadmin to] enable Google accounts for every external supplier in our target organization
Permanently in Alpha/Beta
I haven't tested this yet, as it is also very tricky. Basically, it involves using testing mode without ever going to production. With Google Play, one can deploy artifacts into Alpha (e.g. test server environment) and Beta (a trick to point to production server environment) without ever moving the app to Google Play's Production stage.
All requires setting up special moderated Google+ groups
Potential advantages:
Same as publishing to enterprise
Disadvantages:
Only telling users to subscribe to Google+ and joining a community
From your requirements, I would suggest distributing the APK via a direct URL and integrating a service such as HockeyApp (see their Android SDK for more) to manage both the crash reports and app updates.
"Ability to easily distribute application and updates across enterprise users"
Many services allow .apk files to be uploaded directly to their service for deployment. A direct download link is then generated for that build.
Crash information is collected and updates are automatically displayed if the app implements the Android SDK provided by the service.
"Application should not be visible to the public"
Services such as HockeyApp do not publicise direct download links publicly. This link can therefore be distributed as required.
"Application must be able to send crash reports so our team can inspect and investigate"
Full stack-trace and device information is sent along with crash reports and can be viewed online by technicians.
From my experience there are a few pros and cons:
Pros:
App distribution is super easy, as simple as visiting a website.
Bug reports are comparable to those received through Google Play
Cons:
Crash report's aren't sent automatically and updates aren't automatic
By default, updates and crashes appear as system dialogs prompting users to either send the crash report/update the app or cancel. Ideally, no user interaction should be required to perform the desired actions. I am sure it is possible but have not found relevant documentation for it.
Cost. These services aren't free.
Would require the removal of the service SDK from the app if uploaded to Play Store
I want to publish my app to a limited set of users (Not country and carrier specific). I searched on the internet and found this. However this has lead to confusion, at the start the document says that we can create a private channel to distribute apps throughout an organization.
A Google Apps for Business, Education, or Government domain can have a Private Channel on the Google Play Store. The Google Apps domain administrators can allow domain users to register with the Android Developer Console to publish Android applications to the Private Channel. The publisher account owner who registered with the Android Developer Console must be a Google Apps user in the same domain, such as internal IT staff, and not external developers.
But at the end the document says:
Can I publish an app to a specific group of users?
No. But you can publish an app targeting a specific country or specific device models.
If anyone has a better insight on this, please enlighten me. I want to publish an app internal to my organization what are the possible ways?
I think its better to do like following:-
Alpha- and beta-testing
If you are planning to go alpha- and beta-testing route, it’s best to start with a small group of alpha testers (perhaps employees of your company, or a few fellow developers) and then move on to a larger group of beta testers.
Follow this link:-
https://support.google.com/googleplay/android-developer/answer/3131213?hl=en
Its just simple you have to create an community of the employees with their google account.and simple add this community as a beta tester.so everyone get the mail regarding the link to download an app and acceptance of permissionbecome an tester.
My understanding of the document you quote is that the app developer must be inside the domain serviced by the Private Channel. An external developer (one who is outside the domain) cannot publish to that specific domain.
Thinking it through, we have to ask "how could Google control publishing to a specific domain?" As soon as we ask that we can see all sorts of security and control issues. We could imagine a malicious developer publishing a trojan app that is targeted at a particular business they wanted to damage.
So there are the two paths: a private Channel publishing to a given domain, and the Alpha / Beta path recommended by Born To Win.
How do I invite users to beta test an app without compromising their privacy?
As far as I know, if I invite them to a Google+ Community and/or a Google Group, their presence is essentially public to the rest of that community or group. Ideally I am looking for the ability to invite individuals privately via their email address, and with no unwanted publicity.
You are correct. In order to beta test via Google Play, the user will be "known" to others in the test group to the extent of the personally identifying information provided by their Google account.
We use Hockey for beta testing our Android apps and other platforms, such as Mac and iOS. Relatively cheap service and beta users only need to enter in name and email. That info can be easily anonymized and is harder to correlate identity when compared to a Google account.
http://hockeyapp.net/features/