I want to install my apk (my own application) to an android device, but this apk should be installed only if user is allowed to install (i.e. login needed)
I know that adb can be used to install an apk but I couldn't find any information about if I can protect adb port by a password. And, I don't know whether are there other methods or not.
You can't prevent the installation of an APK on a device. However, you can make the app working only on the devices you want, by adding a login form or a check on the unique ID of the device.
Keep in mind that a third person can bypass this protection by patching the app.
Related
I'm creating a corporate app, and I need to keep it on the phone even after a factory reset has been executed by user.
If I set my android app to a system app, after a factory reset, will it be removed from the phone?
If it's not a possibility, then what can I do?
Thanks...
I am not sure that this will work or not but you can try . This method requires a rooted device. If ur phone is not rooted then this method will not work.
Ok firstly put your app in System/priv-app folder .This is place where all system apk's are stored. When factory reset happen's then the android system loads all the system apk's from the priv-app folder and again creates their odex files . So if your apk file is in this folder then there might be a change that your file will be installed with the system apks but your previous data will be lost. And one more thing when you put your apk in that folder then you must change the permission of the apk to 0644 otherwise it will not install the apk.
Factory Data Reset (FRP) only clears the data and the cache partitions.
system apps are located within the system partition.
So it will not delete the APK, but it will delete the local data of the app. for example the app saved some information about you in a local database (located within the data partition).
To build your APK from Android-Studio,
Build > Build APK (Do not choose to Generate Signed APK)
Then copy the APK to the /system/priv-app/, set permissions accordingly, restart your device and done. (root privilege required).
If you move the app as system app will not be deleted after factory reset. The application in other hand need to work without an account configured on the phone. For example, if the app that you are converting to system app, need an account configured at setting, it'll not work since after the factory reset the accounts are deleted.
LBE Security (the chinese security software) have an recovery my phone feature, and you can (from that app itself) mark it for been keep even thru the factory reset.
It would be awesome if google some day will mark the serial, imei or something of the phone to your google account, like apple does, so if anybody connect the phone again to internet, will be blocked. But since most of the android's phone can be easy re-flash (the rom) and even modify the imei, its sort of useless.
I'm creating a corporate app, and I need to keep it on the phone even after a factory reset has been executed by user.
Technically, without included in factory image, it's impossible even if it is installed as a system app.
If it's not possible, then what can I do?
Besides you ask Google to include your app included in their factory images, you can do nothing.
I need to install my app only on some devices and does not allow installation on another devices.
I thought that maybe I can pair a unique ID to install apps.
I can do this?
How I can block the installation of a single application on some devices?
You cannot control app installation based on Device Id (IMEI) either by google play store or direct install... However you can check at the start of the launcher activity, you can check that the Device Id (or Imei) is in the list of imei you are allowing... Then allow user to use the apk... ELSE finish() the launcher activity... You can also give message to user stating "Unauthorized access" or something similar...
I thought that maybe I can pair a unique ID to install app
There's no platform provided, reliable uniquie ID of the device.
How I can block the installation of a single application on some devices?
You cannot block installation on device - as long as device meets your manifest requirements (screen, libs, platform version etc) user will be able to install your app.
Google provides you with this option also. If you have an account in the developer console of android, in the apk column you can see the list of devices your app supports. Out of that you can deselect the ones you don't want in your list.
At the time you are uploading the apk to play store, its very easy to deselect the devices you don't want your app to run on.
I have a question on the apk distribution. We all know that we can distribute apks through bluetooth, emails etc.
Now, when I download any apk from the google play, the app gets installed and that we cannot share it by using the licensing policies.
I have my apk on a website. I want the same thing. I want fresh installs from the website also. The app should not shared with any1.
Is there any way to this? Any suggestions on how to do this?
As I said in comment, You can not stop users to forward your apk if they have them in storage, what you can do is to delete it after your app installed, but it can be shared before installing.
and there are tools/apps exist in market which claim to convert installed app into apk, and then it can be forwarded to other device.
Similar question on Forward locking of apk
Edit :- though you can not stop user to forwarding of your apk, But can stop other user to use it, if they receive this app from other sources then your web, as I myself did it earlier, by client server communication where a key is getting generated on Server based on mobile IMEI, so this app is going to be activated for particular mobile based on IMEI number. hence if other users try to use it you can check if this IMEI is register or not, and take action accordingly.
When you install an app from Google Market, you have an install button, which downloads and automatically starts the installation program for the apk you just downloaded. It doesn't install it automatically, only it automatically launches the installer for the apk you just downloaded.
Is it possible to have a similar button if you have a apk file on your local server? How will the link look like?
I've read a lot of almost similar questions here (like this one
How to install APK automatically when the file download is complete (hosted on private) or how to automatically install an apk), but none of the answers explained if Google uses something special for its market or is it possible to use a special kind of a link to force the installation program from the phone to automatically launch after download? Automatically LAUNCH, not automatically INSTALL the apk.
That is, when users scans my QR code with a QR code reader or types directly the URL in the browser, how can my application trigger the installer program right after download?
Let's say I do the following:
1. I generate a private key on my computer
2. I sign my app with my private key
3. I submit my app to Google market
4. I upload my app to my site.
When someone will download my app from Google Market, the following will happen:
a) That person will access the Google Market URL of my app
b) He will download it to his phone
c) The application installer from the phone will start automatically, and ask him if he agrees with the permission required by the app.
When someone will download my app from my site, the following will happen:
a) That person will access the Google Market URL of my app
b) He will download it to his phone
c) The application installer from the phone will NOT start automatically.
I don't want the app to install without any intervention from the user, just for the install process to start automatically after download.
My question is how to make c) to happen even if he downloads the same app, signed with the same signature, but from my site?
The simple answer is: You can't (at least if I'm remembering correctly).
AOSP contains a set of Google's public keys that they sign their applications with. And in order to be able to install an application without any intervention from the user, the apk must be signed with the matching private key. So, in order to do this, you will have to do one of two things:
Get google's private key and sign your apk with it.
Get everyone to upgrade their phone to have your public keys along side google's.
Neither of these are really possible. So basically, you can't. Unless your targeting the root/rom community. Then you might be able to convince them to do #2 (add you to the list of keys that can install apps without intervention).
Am developing one Android application which is using thinkfreeoffice.apk for viewing documents in my application. My requirement is I have to download both my application and thinkfreeoffice apks at a time and also install both these apks at a time.
anybody did this one before?
You cannot literally, unless your application is signed with the system certificate or you are using the SDK/ADB install method from a connected PC, or you find and abuse some security bug. As a security measure, any installation done by a normal application on the phone will require the user to go through the confirmation dialog one app at a time.
What you can do is put check in your application for the one it depends on, and keep complaining/downloading/ACTION_VIEWing the downloaded package upon startup of your app until the user either decides they don't want to use your app or agrees with the system install dialogue for the app you depend on.
I think it's impossible to install multiple applications at the same time, as the user has to confirm installation for each apk.
You could of course make the user install your application first, then ask the user to install the office application after which you use an intent to start the installation or redirect them to the Market.
Similar implementations have been used in applications that use third party barcode scanning or speech recognition.