I’ve seen apps where users can create a guest account (anonymous) without password, and when they delete the game and reinstall it, they’re still logged in to their guest account.
I’ve also seen some apps where this situation would create a new guest account every time. I’d like to avoid this in my app but I don’t know how to.
Anyone knows how this is done?
Thanks,
Tom
So you want to generate userId and persist it through app reinstalls. In android I heard that there is no problem to get unique identifier. In iOS you can use framework like JNKeychain. Then you generate unique value. In obj-c you may wish to use such code.
NSString* deviceId = [JNKeychain loadValueForKey: #"deviceId"];
if (!deviceId)
{
if (![JNKeychain saveValue: [[NSUUID UUID] UUIDString] forKey: #"deviceId"])
{
deviceId = [[[UIDevice currentDevice] identifierForVendor] UUIDString];
}
else
{
deviceId = [JNKeychain loadValueForKey: #"deviceId"];
}
}
Related
I recently started learning Android to port my iOS app to Android.
User registration in my app is optional, hence the user can decide to get started right away without any delay. However I still need a form of identification against fraud and if the user has passed the first week of free trial. Otherwise the user can just keep deleting and reinstalling the app to use it for free, forever.
On iOS I have solved the problem through the keychain. Any values stored in there remain there even after the app has been uninstalled.
import KeychainAccess
let keychain = Keychain(service: Constants.keychainServiceID).synchronizable(false).accessibility(.alwaysThisDeviceOnly).accessibility(.alwaysThisDeviceOnly)
let deviceId = UUID().uuidString.lowercased()
keychain["DEVICE_ID"] = deviceId
I don't seem to find anything like that on Android.
A unique Device ID doesn't seem to be available either based on this answer
Hence is there a way to achieve this or do I have to make user registration mandatory?
UPDATE:
In iOS when a keyChain value is set, the user can't ever update or delete it. Even after the app is uninstalled. During unit testing I can delete the keychain entry like this:
let keychain = Keychain(service: Constants.keychainServiceID).synchronizable(false).accessibility(.alwaysThisDeviceOnly)
do {
try keychain.remove("DEVICE_ID")
} catch let error {
print("error: \(error)")
}
Can I do that in Android?
More easily you can do like this, this is a wrapper on shared preference.
https://github.com/kishandonga/EasyPrefs
public static void setUniqueId(){
if(!Prefs.read().content("is_unique_id_set", false)){
String id = UUID.randomUUID().toString();
Prefs.write().content("unique_id", id)
.content("is_unique_id_set", true)
.commit();
}
}
public static String getUniqueId(){
return Prefs.read().content("unique_id", "");
}
Cases when unique id changed
App uninstalled and then reinstalled
Clear cache or reset
I'm currently planning on creating an app. Unfortunately the need for usercreation is there. I know users don't like goind through a registration process with opt in by email activation link click.
So I thought maybe using the apple/google id as a replacement for email address would be cool since the verification step by email can be dropped. In addition when the user changes his or her mail address that's no problem since his or her id doesn't change in this case.
I'm not really into this particular topic so I have some questions, any help is highly appreciated:
Is there any numeric/alphanumeric id anyway or is the google/apple id (i.e. the "username") the email address itself?
Is this possible in Android and Apple SDK (and Cordova in addition since I use this one)?
Is this a good idea in general or am I missing something?
Thanks in advance!
You could use the below DeviceIDs solutions as primary key for your users registrations. Look:
1 - Android
1.1 - Android Phones (With SIM chip) - For Android I use the Cordova SIM plugin. It generates uniqueIDs for devices based on SIM chip informations. So, you can manipulate your data based on the plugins return;
Link: https://github.com/pbakondy/cordova-plugin-sim
1.2 - Adroid Tablets - The plugin above is fantastic, but it does not work for devices that does not have any SIM chip. In this case, I use the following code:
if(mContext == null){
mContext = this.cordova.getActivity();
if(dialog == null){
dialog = new ProgressDialog(mContext);
}
}
String tabletID = Secure.getString(mContext.getContentResolver(), Secure.ANDROID_ID);
Conclusion: If you are developing only for phones (App projected for Mobile Phone) you should use the plugin. If your App targets Tablets or devices without SIM card, than you can take a look at the other solution. The IDs generated are "Devices ID", unique for each device.
2 - iOS
For iOS, I use the following code to generate an unique ID for each device:
NSString *uniqueIdentifier = [[[UIDevice currentDevice] identifierForVendor] UUIDString];
The only problem: When user uninstalls all Apps of your iTunes vendor ID from the device and installs any of them again, the ID will be changed. Other easy ways to get Unique ID for iOS is deprecated since version 7.0 of the system.
See more here: Device Id from an iphone app
I've been looking for a solution to this problem for a while (days, not minutes), but it eludes me quite effectively.
Please note that this is NOT a question about starting up the registration procedure. This must happen automatically without any user interaction.
I would like to add a Google account to my custom device (1000's of them). The account will mostly be used to activate Google Play store on the device so that the app can update when newer versions are available.
My existing code (the shortest snippet of those I tried):
AccountManager mgr = AccountManager.get(this);
Account acc = new Account("email#gmail.com", "com.google");
mgr.addAccountExplicitly(acc, "password", new Bundle()));
naturally yields a
java.lang.SecurityException: caller uid 10047 is different than the authenticator's uid
So how would I go about actually achieving this? My device is rooted so that's not an obstacle if it's the only way.
It is not possible to add/create a Google account using addAccountExplicitly(). You can only add accounts for your own services. even your device is rooted because it will rejected by Google web server. For more detail check this link
Warning: this solution doesn't work well. See comments for explanation.
Well, as it turns out, this is not something easily solved. I ended up registering one device, then pulled the users file from it. Location of users file : /data/system/users/0/accounts.db (if there are multiple user profiles on the device, the last directory may differ according to profile in question).
I stored this file into my app's assets (gzipped, make sure the extension is not something.gz because that gets lost during packaging - didn't bother checking out why).
First I check if my user already exists:
AccountManager mgr = AccountManager.get(this);
for (Account acc: mgr.getAccountsByType("com.google")) {
if (acc.name.equalsIgnoreCase("email#gmail.com"))
return;
}
If it does, I just skip the step. Otherwise I unpack the users file and overwrite existing one (using su). I then also do a reboot to make sure changes are registered.
I am making some application that will be largely user driven and of course that means their will be trouble makers who probably will enter fake data into it using swear words or worse change valid data to bad data(ie changing to swear words)
Of course measures will be taken to try to curb this but in the end of the day I want to have the option to ban someone from my application.
My first thought is ban their account by email address. I was also thinking that maybe on top of that ban their devices.
My questions is is what unique id can I use from their phone if they use
Andriod
Iphone
Blackberry
Windows Phone 7/8
and how unique is it? Can it be easily changed?
For Windows Phone you should be able to use DeviceExtendedProperties. Specifically the DeviceUniqueId property.
Be aware though that, as they say in that article, if you use a device id to ban a user, then any future user of that same device will be banned from your app, even if they've done nothing wrong.
There are 2 identifiers that can be used together to identify a specific device and user.
The DeviceUniqueId and WindowsLiveAnonymousId
the first one is the device, and as noted, anyone who uses the device after the banned user will also be banned.
The WindowsLiveAnonymousId is unique to the user. I have seen this same identifier across 3 separate devices and it is always the same for the users LiveId.
I use the following 2 methods to get these ids for identifying game players for leader-boards:
//Note: to get a result requires ID_CAP_IDENTITY_DEVICE
// to be added to the capabilities of the WMAppManifest
// this will then warn users in marketplace
public static byte[] GetDeviceUniqueId()
{
byte[] result = null;
object uniqueId;
if (DeviceExtendedProperties.TryGetValue("DeviceUniqueId", out uniqueId))
result = (byte[])uniqueId;
return result;
}
// NOTE: to get a result requires ID_CAP_IDENTITY_USER
// to be added to the capabilities of the WMAppManifest
// this will then warn users in marketplace
public static string GetWindowsLiveAnonymousId()
{
string result = String.Empty;
object anid;
if (UserExtendedProperties.TryGetValue("ANID", out anid))
{
if (anid != null && anid.ToString().Length >= (AnidLength + AnidOffset))
{
result = anid.ToString().Substring(AnidOffset, AnidLength);
}
}
return result;
}
They are used as such:
string deviceUniqueId = String.Empty;
for (int i = 0; i < GetDeviceUniqueId().GetLength(0); i++)
{
deviceUniqueId += GetDeviceUniqueId().GetValue(i);
}
DeviceUniqueIDTextBlock.Text = deviceUniqueId;
WindowsLiveAnonymousIDTextBlock.Text = GetWindowsLiveAnonymousId().ToString(CultureInfo.InvariantCulture);
I did a post last May about getting system info on WP7. This code is found here: http://www.adambenoit.com/applications/system-info-windows-phone/
Hope this helps.
All these devices have network interfaces with unique MAC addresses which by definition are constant - the MAC address is burned into the hardware and cannot be [easily] spoofed, especially on a mobile device. I would hash the MAC address and use that as the key. Pretty common practice on iOS once apple banned the use of UDIDs.
I would use the guid method. Though this can be circumvented by uninstalling and re-installing the app. Nothings perfect though
How to create a GUID/UUID using the iPhone SDK
How to get GUID in android?
How to create a GUID on Windows Phone
http://msdn.microsoft.com/en-us/library/system.guid.newguid(v=vs.95).aspx
How to create a GUID on Blackberry http://supportforums.blackberry.com/t5/Java-Development/how-to-generate-GUID/td-p/289947
Is there a standard way to limit the number of installations allowed by an .apk
If I understand correctly Timestamp limits the time an .apk is valid for installation, is there something similar to this that limits the installation count.
I'm planning on using DeviceID and UserID to populate a DB that checks logs for used User ID / Device ID combination to allow or not allow access, once the app is installed.
Thing is I'm trying to prevent the app from even being installed if its over x number of installations.
I was thinking about something like:
package com.tchip.kw;
public class mysoft {
static {
try{
System.loadLibrary("tchipmysoft");
}
catch(Exception e)
{}
}
public native int getmachinestatus1();
public native int getmachinestatus2();
}
///this will read/call 2 solutions from mysoft when the end users try to run app. If the return value is 0, then it will say’ Quit’. For example:
mysoft kw = new mysoft();
#Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
//this.findViewById(id)
if (kw.getmachinestatus1() && kw.getmachinestatus2() )
setContentView(R.layout.main);
/////Star splash activity
else
{
You do not have proper license to use this software and it will quit
}
}
I've thought about writing an installation .APK for the for the app.apk that checks for a set of Key's held remotely and then grants access.
If there is a standardized method or am I missing something really simple, I'm all ears.