Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 2 years ago.
Improve this question
I'm trying to describe the architecture (or understand existing patterns) for a (trusted/self made) Mobile Application that needs to hold private keys to sign some information presented on the screen (let say it's finally presented as barcode). Let's asume we cannot avoid it and need to store private keys (RSA or ECDSA) securely as possibly.
I haven't found any standards for TEE that or Hardware Security Module that would for sure work on the "normal" Smartphones out there?
I'm wrong here and Hardware+OS(Android/IOS) support this somehow meanwhile?
I'm aware of White-Box-Cryptography
But how far can i go with White-Box-Cryptography? How to estimate it cryptoresistance? Any examples of the implementations?
P.S.
Additionally the supporting backend can be designed as needed here. So e.g. exchanging of secure information onbehalf of the user (OAuth is used) can be done flexibly if it would improve the security...
So let say, i we can exchange Keys in the app monthly or so (more often would be problematic). However getting any information from server is possible, but the solution has to work some offline time too
Typical case: NO Internet for 10, 15 Minutes should be supported as far as possible.
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
I had chosen to develop an mobile app for my final year project. The app is an parenting application that help parent to monitor and control screen time of their children and it have some function such as:
- Send notification to the parent mobile device when the child start to use the device.
- Lock the phone at certain time or by choice.
- Location tracking (optional)
- Report on use-time.
I'm familiar with basic Java and Android programming.
So what are the other knowledge (technology, mechanism, etc) that i will needed to develop this app.
It seems like you want to create parental control app and you can create it using "Android Management API"
Please refer Android Management API
Many companies installs this kind of apps in their employees company owned devices, many parents install this kind of apps in their child's mobiles to monitor their data usage, applications usage, their driving speeds etc.
Best of luck.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
We want to develop application which used to share important data in secure way. Idea is:
Data to be exchanged between phone A and phone B (and vice versa) when users “Tap” the phones together. The date, time and location of this action is to be recorded.
This should work anywhere (in buildings or in rural areas where there is no mobile signal coverage), and work cross platform (iOS, Android, Windows).
we want to know is it possible to develop such application ?
Thanks,
Yes, you can 'bump' phones and send over Bluetooth. You would use the accelerometer of the phones to detect the 'bump' part. The date, time and location you can pull straight from the devices (given you have GPS permission).
It would be a lot of work to develop right, especially across multiple platforms, and I believe an app like that already exists, for sharing contact information.
Also for future reference, you're probably getting down-votes because you're not asking specifically about code. Best of luck.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
I am building a mobile app to allow for real time messaging, befriending users, creating groups to both chat and share images with, as well as creating events that users can invite one another to.
In researching I came across Firebase, and while there are major benefits, it perhaps may be overkill for my application and it appears it is for real-time collaboration, ie. pair programming, real-time massively multi-player gaming and related.
For the app I defined is Firebase overkill?
I think that seems like a perfect example of an app that would use firebase. I don't think it's overkill at all. If you want to build a simple app that has real-time functionality, firebase is the perfect solution.
That said, images can be tricky in firebase right now (since you'll probably want to use some other cloud storage, here is the stack overflow that discusses this: How to store and view images on firebase?), but I still think it's the right option for what you have described.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
Where can I get a list of application types that aren't allowed in the mobile platform app stores? Eg. IOS, Android, Blackberry, Windows Phone.
For example: adult content not allowed, what others r there?
So here you are, but remember, you can do this by yourself! (Google it!)
Google (Android):
http://support.google.com/googleplay/android-developer/answer/188189?hl=en
Apple (iOS):
http://stadium.weblogsinc.com/engadget/files/app-store-guidelines.pdf (PDF)
Microsoft (Windows Phone):
http://msdn.microsoft.com/de-DE/library/windowsphone/develop/hh184841%28v=vs.105%29.aspx
no guarantee that all links work
I don't believe any app store prohibits certain "types" of applications per se. You will have to carefully examine the guidelines of each app store to determine what is allowed and what isn't. Even then - this isn't written in stone. An app might be allowed initially due to oversight, lack of apps etc. and removed later if there is public outcry or the organization responsible for that App store change their mind.
As for Android, please check this page to read information about application content rating.
Please refrain from non-programming questions next time, SO is a programming resource
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I am looking to find the most efficient way to create an application that has a 30 day trial and then forces the user to buy the full paid version if they like the demo's features.
I was looking for suggestions as the best way to implement a license for the app. Here were some thoughts I had:
-Sharedprefs - This would work until the user uninstalled and reinstalled the app. The trial period would essentially start over.
-Use Device ID - I thought I could get a device serial number and upload the data to a server. Then I came accross http://android-developers.blogspot.com/2011/03/identifying-app-installations.html that showed the issues with trying to get a user id for a device.
UUID- It seemed like this was the best option. However, would someone be able to give me an overview of how to implement this and how it works. Also what are the limitations.
A sample implementation is already presented in the blog that you have cited.
Limitations: For your case, UUID won't work. Since, the user can actually delete whatever file/UUID you use for tracking (not easy, but doable)
Your requirement is to track devices. So, perhaps, go for telephony ID, Mac ID or a combination of both.