I've written an app that uses Firebase (if that's relevant) and is targeted to users residing within a certain city (Strasbourg, France, in my case). Also, users will log into the app using an email address (Gmail or other). How can I make sure only people residing in Strasbourg install the app? I can't use private distribution, since I don't have a list of user email addresses and anyway they are not part of my organization. Ideally, I'd like to be able to offer the app on Google Play, rather than, say, uploading the app to Google Drive and then sending them a link when they request it.
I decided to abandon this idea because it would prevent people who are temporarily away from their home in Strasbourg from being able to download the app and that disadvantage would outweigh the benefit of keeping "outsiders" out of the app community.
Related
OK, so my company hired some broke company to develope the company's app. They developed a version for Android and for iOS. They published both versions under their developer account.
The thing is they offer a very poor service, so we have decided to get our own Developer licencenses and design a new app internally.
Our idea is to make a deal with the broke company, so they transfer the app to our account. I've read there is a procedure for this in both stores:
https://developer.apple.com/library/ios/documentation/LanguagesUtilities/Conceptual/iTunesConnect_Guide/Chapters/TransferringAndDeletingApps.html
https://support.google.com/googleplay/android-developer/answer/6230247?hl=en
My questions are:
Once the app is transfered to our account, can we substitute our new app for the old one, so it stays under the same name and keeps download statistics (I don't really care about ratings).
Is there any way the current app users can get an update notification linking to the new app if we don't have the old app's source code?
For the Apple App Store, this is entirely possible if they're willing to transfer the application to you (and the process is pretty simple!), but it appears you've already found that documentation. From a user's perspective, nothing changes; the app stays on their phone, and won't change at all. The next time you push an app update, even if the app has been entirely written behind the scenes, as long as you're publishing it to the same listing, users will receive the update as normal (App Store notification) and be none the wiser that ownership has changed. The only difference an end user would see is the "sold by" line in the store listing, if they checked.
I haven't tried the process on the Android Play Store, but from the description and the linked document, it appears the process would be the same. I mean, the link specifically says:
When you transfer apps to a different account, your apps' users, download statistics, ratings and reviews, content ratings, and store listing information are all transferred to your new account.
So, it looks to me like you'll be all good. One thing to note, though: even though you intend to do what's in your users' best interests by making the app "better," they've come to expect the app in the way it is currently. If you completely change the app in a single pass, they may be pretty shocked and turned off to it. Be careful about dropping an entirely new experience on them without warning.
Edit Note on the Android link, there was also this to keep in mind:
Our team can't transfer apps that offer subscription products.
If your app is subscription based, you may be out of luck on Android.
I'm making a Cordova 4.0 Android app that will be sold in Google Play, and I would like to prevent illegal use of it (for example preventing someone to extract the APK from the system and re-distributing it).
One theoretical way of doing this would be by checking that when the app is launched by the user, he did actually download it from Google Play (versus being it sideloaded). I'm not even sure if this is possible or if there's an alternate way of doing something like this.
One way that works in other cases is to use require some sort of login when accessing the app, but in this case I can't do that. Any advice would be appreciated!
Google offers a way to implement validation / licensing:
http://developer.android.com/google/play/licensing/index.html
Take a look if this is what you need!
One suggestion would be for those apps which are get connected to a server to fetch some data.
App verification token
Generate an encoded 64-bit long token and store on both device & server as well. This will be a unique token per app
Whenever app tries to connect to server, it sends the device token details. Server needs to verify it before fulfilling its request.
On specific events, server can generate a new token for a device.
Same way, device token can be mapped to a user or an app on the server side.
Token could carry some app related information, for instance.
first 4 or 6 digits represent app size
second block of digits could represent user specific or device or some other details
Or another block could hold app contents modification date
In case of any change, server could verify the app size, last app contents modification dates, etc.
Generally it is recommended to uglify, obfuscate and minimize app resources before submission.
You can use the package manager class to determine the source of an app (only google or amazon currently detected)
You can similarly use google analytics which gives same information.
This is pretty neat since Android stores the source of every package, allowing apps to know where they came from, to prevent piracy and sideloading.
Great if you always publish to google or amazon. Useless if you sideload your app.
I am planning to drop my app in Google Play(earlier Android Market) because of push notifications (whenever a new version) , security for apk and so on.And also since apk is secured with Google play(paid apks) i dropped of downloading the apk from my website (only authenticated people can download the apk)
Actually its a business app for particular users with username and login access. Everything was fine in the App with login and security mechanisms
I am thinking of a way to restrict the other users who are not from the list while installing itself.
My question is whether any kind of filter or authentication mechanism can we set while downloading the application from the Google play it should ask for a password or something like this to filter the unauthorized users to download the app..
My ultimate aim is i don't want the peoples to try it after downloading unnecessarily
Can anybody help who have tried all those in android market
Ok.. One thing after another..
Google propose their licensing mechanism. However app would need internet connection, which is disadvantage if otherwise it doesn't need it. If I got it right your does need to connect to server so this is not a problem for u.. It seems to me you are already familiar with this method.
Mechanism for password protecting downloading or visibility of apps on Google Play doesn't exist today..
You can identify users with IMEI (in case you don't consider using app on tablets, which doesn't have it), WLAN MAC, BT MAC address or some exotic combination of these methods, and you use this as authentication.
The best solution, from my point of view, is to allow people on market to download it. Your application is already using some mechanism of authentication (user/password) to server. So if 1st thing user need to do is login, and any functionality is disabled if that doesn't pass. If it pass, you already know who is your user and what privileges he has.
The thing is here that I am not so sure what are your concerns when user without login/pass download application if everything after that screen is disabled before authentication. User will download (if they find it..), they will install, try to use it, see that's not possible without credentials and uninstall it.
Hope it helped.. I will try to add few more links in a while..
I have a few questions regarding android market(Google play). How can I list my published application by accessing from my google account? What I have done so far is using my application package name as a query string to search my application and display all information which I used android market api to do it. Is there another better way to display all my published or installed applications by accessing from my google accounts?
My second question is about detecting number of downloading and installations of my published application. I have found only google analytics so far(for free) which I need to embedded some codes to monitoring my application. Is it possible for me to access those information from android market publish page . I have found that publish page contains information that I need.
Edited: For second question, I would like to obtain statistical information without adding any new code to my application. Is it possible to provide only google account to grant the permission to get those information?
My application is published. If I am using google analytics to monitoring my application do I need to start my counting from zero?
Sorry for my English and my little knowledge about this.
Thanks in advance..
Edited: .. I have found an application, called "analytics" that is what exactly I want to do. But I still cannot figure it out how it works..
The only place you will find this kind of information is on your Developer page. That said, if I were wanting to do what you are, I would put up an app on App Engine that either parsed my Dev page on request, or on a schedule. I mention App Engine as personal preference here, you could obviously use anywhere you can host scripts on.
You can then do what you like with the data you have collected, and your app can request this from your site. Assuming you have no qualms with publicising these numbers, you wouldn't need to scare users by authenticating, and would just need a plain html request.
Edit:
In your language of choice, you would need to request your developer page (the one that lists apps and their install count) and would also need to authenticate as yourself to get it. It's for this reason I would use your own hosting if you can. I can't be more specific than this, as I don't know what language you're most likely to be using. It should be trivial to find out how to do an html request and step through the page in whatever language it is though. App Engine pages are written in Java or Python and deployed to the server, while other obvious options are PHP or Perl. On my own server I would most likely use Perl as it's ideal for ripping up html with regexps.
I'm creating an Android application for a fantasy league as part of a college project. It's a paid application, and requires each download to be associated with only one team.
I'm confused as to how best go about it. If a user goes to settings and clears the data from there, all files, settings and databases would be deleted rendering a locally stored indicator for "The app has already run before and hence user is registered" as pointless.
Another option that had come to my mind was to store the IMEI no on a remote database (with SHA1 encryption to protect the data) but the problem with this is that, if a user loses or changes his phone, his further participation would be impossible. Additionally, users understandably don't like to share IMEI numbers and it's acceptable.
The best solution in my mind was to restrict usage of the app to the Google account that was used to download the application. With this, even a change of handsets would allow further participation of the user. However, I've not been able to find a way to obtain the Android Market account (only require E-mail) which resulted in the download.
So, my question is, how do I best go about with the problem that I face? Is there a way to get the Android Market username? Or is there a worthy alternative?
The server-side option is what you want, you can get a unique id from each phone and use that as your identifier.