I need to get an Android device's IMEI for authentication purposes. I'm aware that this is bad practice; we are currently working on a replacement system. For now, this is what I need (if it's even possible). All I can find are old questions that require READ_PHONE_STATE in the manifest, which I believe to be causing the issue. The code being called is:
TelephonyManager telephonyManager = (TelephonyManager)getSystemService(Context.TELEPHONY_SERVICE);
and, later to get the IMEI:
telephonyManager.getDeviceId();
Is there any way to run this code without the above permission? Is there any other way to get the IMEI? Worst case scenario, I can put out a release with a SQLite update that hard-codes the value of each user and gets it form the db every time they need to make a request. This is feasible because there are only about a dozen users of the app, all internal employees. Is this is a better route to take? Thanks!
There is only one way to get IMEI from Android 10. You need privileged permissions, which is impossible to get, if your app is installed through the Google Play.
There are different ways how to get unique ids, take a look at best practices in links below.
Please see:
https://developer.android.com/training/articles/user-data-ids
https://developer.android.com/about/versions/10/privacy/changes#non-resettable-device-ids
Related
This question already has answers here:
MSISDN : Is it a SIM Card Data? Why all The Provided Function (from Blackberry and Android) to fetch MSISDN not reliable?
(3 answers)
Closed 5 years ago.
I want to get the mobile number of users, which will be defaultly taken as username, when I used the following code to get the mobile number, it returns an empty string
TelephonyManager tMgr = (TelephonyManager)getApplicationContext().getSystemService(Context.TELEPHONY_SERVICE);
mPhoneNumber = tMgr.getLine1Number();
String mobNo = mPhoneNumber.replace("+", "");
One reason I found is My phone number is unknown under Settings->About Phone->Status->SIM Status. How to rectify this issue without giving any burden to the users.
There are at least some SIM Cards/Operators out there who don't provide numbers - I have seen it and you have seen it. There is probably nothing you can do about it.
See getLine1Number() documentation. It says if its unavailable, it returns null. So #sstn is partially right. You can't do much about it. As far as I can remember this method gets number which is stored in the SIM. Some providers restrict the access and other don't provide it.
However that being said if you are really really pushing to get phone number from network automatically, you can try one more thing. Most of the network providers provide their own API. The API might require the user to connect to internet through the network data and not wi-fi or any other method. Although different providers in different countries can differ on that. You can potentially recognize the network provider using getNetworkOperator(), then use provider specific API to get the number. However not sure if its free. For eg: In Canada, Telus has its API but it requires you to partner with them. Similarly with Rogers etc.
If you don't want to go through that pain, the last option is to ask the user to enter it. If you are worried about its validity then you can always do one time code SMS verification.
Hope it helps.
Hello I am working on an application in which we are tracking our app installation using device unique ID.
We are doing right now like this as https://stackoverflow.com/a/2785493/2455259
private String android_id = Secure.getString(getContext().getContentResolver(),
Secure.ANDROID_ID);
I got to know that from android 4.2 it can have different for different users https://stackoverflow.com/a/27013749/2455259.
Now I can't take mac address of wifi or bluetooth because it requires to make it turn on then fetch. Even I can't take IMEI because some tables don't have call feature so they don't have IMEI.
Now what are the option to uniquely identify android device ?
Now what are the option to uniquely identify android device ?
I am afraid assigning own unique number is most effective approach, because ANDROID_ID is broken (the answer you link to is incorrect - see comments there too), relying on it is quite futile as it can sometimes be the same for many devices or null, so anything but unique, therefore using it is pointless as it adds more troubles than helps. There's post on Android blog about this topic "Identifying App Installations" that you may want to get thru as well.
I know this is old and the OP might have already moved on but with the introduction of Instance ID, we can use it to identify a unique installation.
The associated code is pretty straightforward too.
String iid = InstanceID.getInstance(context).getId();
The benefits include not having to specify permissions for Android Marshmallow and above. This seems to be a plus for developers who would need a unique id at the outset and cannot rely on user provided permission model for the same.
Following scenario:
I want to create an wifi hotspot on a public place (e.g. train station). Therefore i want to write an mobile application (iOS and/or Android) which works as a portal page. As I would be providing internet access via my wifi hotspot I need to make sure that people who want to log in verify their identity properly (responsibility). First I thought i could do something like a facebook login but I guess that would not be enough as people can create fake accounts.
Then I got the idea that I could maybe access their telephone number via their smartphones.
I googled alot and came to the conclusion that it is pretty tough on both platforms.
The iOS method seems to be deprecated and apps wont make it to the app store with that version. Android can read the phone number from the sim card, but not all providers store the number on the sim card.
Question
Is there any possibility to get the phone number? Or is there any other way to uniquely identify a person in a wifi network?
Of course I dont want to do any of that without asking for users permission etc...
Greetings and thanks in advance
Peter
Choosing the MAC address is a good choice, it is not the safest, but it is the more easy to do.
The IMEI is not always provided, and the SERIAL is not uniq.
But actually, I don't know how to do this with iOS.
What is about the MAC address of the phone? This should be unique enough and you can get is easily from android and from iOS.
Android: http://developer.android.com/reference/android/net/wifi/WifiInfo.html#getMacAddress%28%29
iOS: How can I programmatically get the MAC address of an iphone
Using IMEI number
Android Does provide functions/method to access device IMEI number
First Set <uses-permission android:name="android.permission.READ_PHONE_STATE" />
in android manifest
TelephonyManager tm = (TelephonyManager) getSystemService(Context.TELEPHONY_SERVICE);
// get IMEI
String imei = tm.getDeviceId();
Hope it helps
For NON CDMA or GSM devices like Tablet
Use
import android.provider.Settings.Secure;
private String android_id = Secure.getString(getContext().getContentResolver(),
Secure.ANDROID_ID);
This would generate a unique code for the device..how ever it would change on when user reset the device ie factory reset it .. and it works for device having os > 2.2(froyo)
This really depends on who you are trying to identify. That may seem like an odd response, but usually, we are trying to identify two, not one, sets of credential elements.
First, we want ot identify the device itself -- is this the deivce we expect to see and can we trust that this device has not been tampered with. Second, we usually want to know if the user of this device at the moment is one we expect to be using this, now validated, device. (If I take your phone, without step #2, I just became you.)
This is why we have things like 802.1x. It lets me validate the user of a network, not just the device. For your case, consider something like:
For device validation, the combination of hte MAC address and the IMEI. TUrn those into a unique hash with some data from the user. For example.
ID = SHA1(IMEI+MAC(Wifi)+user password)
Now that we're pretty sure the device and user are correct, if you need to, you can go one step further and use that hash a key to encrypt a user validation step in your app. Even if the user is correct, if they're on the wrong device, their key won't decrypt.
Is there a way to get the user's first name or entire name? I mean the user of the phone
does it require special manifest permissions?
Yep, starting in ICS you can read the profile of the device owner (which requires the READ_PROFILE permission):
http://developer.android.com/reference/android/provider/ContactsContract.Profile.html
Specifically the DISPLAY_NAME column should have their name. Or you could look up the StructuredName data item to get their GIVEN_NAME:
http://developer.android.com/reference/android/provider/ContactsContract.CommonDataKinds.StructuredName.html
What exactly do you mean? You may be able to access the name in certain ways:
You can try to access their information stored in a Google account, requiring the GET_ACCOUNTS permission
You could, as Vinayak.B suggested, try to glean the info from the contacts, requiring the READ_CONTACTS and the READ_PHONE_STATE permission, although I think this is a hit-or-miss option.
There is also a READ_PROFILE permission, which I think is an interesting way to go, but I don't have any experience with that, so I can't tell you whether or not it's a fruitful venture.
I would try the GET_ACCOUNTS option first, since they must have a Google account to download your app. It also seems a little less invasive to me
I really hope this answers your question, but if it doesn't, you really need to provide more information.
Do you mean from device Contact list? if yes, get the source code and which permission from here : http://tutorials-android.blogspot.in/2011/11/how-to-call-android-contacts-list.html
I want to allocate unique ID to each user as soon as he installs the application so that whenever the app contacts the server I know who is contacting.
For this purpose, I thought that on first time installation, the app contacts the server and gets unique ID. But I don't know where to store it permanently so that next time when app is started, it knows what its ID is rather than contacting server.
Sorry if that is some obvious question as I am newbie.
This question has been asked many times on Stack Overflow.
In short: Android has always supported a unique ID. However, prior to Android 2.2, the ID was not always identical on certain kinds of phones. Since 2.2 is pretty ubiquitous by now, I would use that ID.
The Android Developer Blog has a good article about this.
And as Joachim said - you may want to consider a different approach altogether. Android's unique ID is good and persistent across factory resets, but not across a device upgrade. Also keep in mind that many people have several devices (like a phone and a tablet). You may want to use the Google account instead, the AccountManager can help you there.
Use SharedPreferences to store the unique id.
Here is an example:
Android SharedPreferences
For more complex data, you can use SQlite.
For unique id, you can use IMEI of device on which application is going to install. Refer this link for how to get IMEI number. Then stored that IMEI number in shared preference. Refer Guillermo lobar's link for that. You need to check for that unique id in preference when you application starts. At very first time, save that in preference. So when next time it checks for that id, app find it in preference and hence no need to connecting server. :)
You could get the IMEI of the device. As of API 26, getDeviceId() is deprecated. If you need to get the IMEI of the device, use the following:
String deviceId = "";
if (Build.VERSION.SDK_INT >= 26) {
deviceId = getSystemService(TelephonyManager.class).getImei();
}else{
deviceId = getSystemService(TelephonyManager.class).getDeviceId();
}