My client want to make sure that his marketers meet some of their specific clients on a regular basis. I had thought of that this could be possible by getting the clients fingerprints. But as I read in several pages, the fingerprint api is available in android api 23+ and in Samsung devices it is not possible to check the fingerprints of people other than the phone owner.
Is there any alternatives that one can use for physical authentication (not like password)?
I want to aim as many devices possible and as lower android api level possible.
I also have the option to authenticate on server side based on information received from the device (if there are ways to do it that is not possible by the device itself)
Note:
It looks like that you get strange ideas of my question. although it is not related but let me explain to clear things:
In our country each factory has its own marketers that visit markets on regular basis (daily, weekly, monthly,...) based on their product (milk, biscuit, chips, bread, juice, ....), while the factory wants their marketers visit every markets (as they'll loose their shares to their competitives) marketers think differently (as they receive a small percent of their sale), they just visit those markets which will buy for example a thousand of apple juice and skip those who will buy only 10 (which for them the percentage they get doesn't cover the gas money) and when factory calls this markets to see why they were not buying their products anymore, they get to know that their marketers has not visited them for months.
This is the way they want to make sure that their marketers visit every market and not only the good buyers.
Idea is strange, but anyway: You can use (GPS tagged) photo of client, or/and his sign (by stilus on mobile device screen).
Related
I am creating an iOS and Android App and I want to create a screen where the player can start with a guest account or can connect his account with our own accountsystem.
But my question is: Can I detect a user after the app was uninstalled and installed again?
I know that there is something like the vendor. But this will change.
I know that other apps also can do this.
With the user's permission- have them log into an account. Or provide you with their google of facebook account info. So far as hardware ids, those are discouraged and actively being removed to prevent people from the API to prevent this.
Also remember- that unless the user logs in with an account, you don't really know whether it is the same person. You could know its the same phone, but you don't know if he gave it to his kid sister to play on. Or sold it when he got a new one, and now you've given the new owner access to someone else's account. Also, if you rely on hardware ids you won't know its me when I buy a new phone and download it on that.
So yeah- either have him log in with a username and password, or use a 3rd party signon mechanism like Google or Facebook.
For iOS, there is a recommended approach to do that: by using the DeviceCheck framework. The idea here is that it allows you to persist 2 bits of data across app installations on each device. You can set the first bit to 1 if the user has already installed the app or 0 otherwise. And use the second bit, for example, to check if the user has signed in or not.
The official documentation is pretty good, please check it out.
The downside of this approach is that you will also have to do some work on the backend side.
UPDATE:
If you specifically want to detect the account, there is no reliable approach. One of the options is to use identifierForVendor or generate some kind of device fingerprint (for example, by combining the device model, timezone, locale, etc.), but of course, this will not work every time.
Uniquely identifying a device is a security leak, and all platforms are putting serious restrictions on unique persistent identifiers because of privacy concerns.
We’ve been using Google SignIn through WebView, but as Google will be deprecating this soon, are there any alternatives to do the same ?
We have a slightly special use-case where our devices are being used in a warehouse and one device is being used by multiple users. We do not want all the users to add their accounts to every device. It seems like a fairly reasonable use-case but I can’t seem to find a official documentation for cases like this. Is there any work around to this?
Update:
Here is the use case in little more detail. Imagine 100 devices for 500 employees. None of the users have a dedicated device for them. Every morning they walk in and are issued a random device for next few hours. They need to then login into our preinstalled app through G Suite SSO, finish their work, and return devices after logging out.
Now, we do this SSO over webview because we don't want each of our workers to be setting up a google account to a device each and every day. With the new system, we don't have an alternative but to ask low skilled workers to setup complete device including sync options and what not.
We still want to use Google SSO coming from our G Suite accounts but don't want the accounts to be linked to the device itself.
I am currently developing an Android app, and am now approaching the ads part of development.
I am using Firebase for my app, and I need to know what the best approaches are for implementing the following advertising requirements for the respective scenarios (I have never done this before and the wealth of information and approaches is a little overwhelming) :
Scenario 1: Initial release
Initially, the app will be used by students of a single university, and as such we want the adverts to be arranged personally with local businesses, for adverts that will actually be of interest to the students.
What do I have to do in Firebase/AdMob to provide this?
What do the businesses have to do to utilize this after we have made an agreement with them?
Scenario 2: Progressed release
The end-goal is to have this app, in personalized form, for every university that is interested in using it for its students. Each university's app users would receive ads that are relevant to them (ie. a user at MIT wouldn't receive ads about a 20%-off restaurant deal in a South African town)
Again:
What do I have to do in Firebase/AdMob to provide this?
What do the businesses have to do to utilize this after we have made an agreement with them?
And how would I make certain users get certain ads?
Thanks!
Sounds like there are two concerns here.
For the first, if your app already uses location information for its intended functions (and has the location permission turned on), the Mobile Ads SDK will use that info to fetch geographically relevant ads. That happens automatically. Not every ad will be for a local business though--if a national advertiser is the highest bidder for your impression, that's the ad that will be served.
For the second concern (how to do direct deals with local businesses), I'd recommend AdMob's direct-sold campaigns. Once you have regular AdMob ads serving, you can mix in your own campaigns that you directly negotiate with businesses (e.g. "We'll give you 100,000 impressions for XXX dollars" or 10% of traffic, or whatever). Your business would be in charge of entering campaign details and uploading the creatives sent to you by those whom you're advertising.
I'm surprise to see statistics in Google Analytics page for one of the Android app and noticed the following strange informations
Apple iPhone in Top Device Models
Strange OS names entry in OS Versions :
Macintosh Intel 10.10
Linux x86_64
Windows 7
(not set) (not set)
Note:
I have answered the the current possible solution, but that doesn't make corrections to the available old data sets please let me know any ways to correct the old data sets and get out of the cons mentioned in my answer!
Bots and referral spam are two different things, the answer you posted will only help with bots. I am going to refer to the article about removing referral spam here
Normally we say there are three types of junk visits:
Ghost referrals like the darodar / ilovevitaly / cenoval
Creepy crawlers like semalt (a.k.a. best-seo-solution.com) and fake referrals like maridan.com.ua and blog.ranksonic.com.
Well behaved bots and spiders
Issue Number 1
I suspect data being inserted directly into the Analytics account directly though the measurement protocol. I say this because I have several old Google analytics accounts that are showing hits, the websites for these accounts no longer exist and haven't existed in years. I also have an old application account like yours that no longer has any data sent to it that shows data daily. The only way for data to be inserted into them is if someone is doing it directly, the hits are coming from known referral spam sites (the big list). There has been a lot of talk on the net lately on how to deal with the first two problems. Google has not come with any solution as of my writing this. The article gives a few very good ways of dealing with it. here
Idea of how its done google+ post
Tip: It appears that they are currently only targeting Web Property 1. so if you say make UA--xxxx-2 there will be no spam inserted.
Issue Number 2:
This will be hard to detect, they are actually thing your site. A filter on the known bad crawlers helps.
Issue Number 3
The answer you posted is correct but will only help with this: Bot and Spider Filtering. Its also kind of old.
Note: I have answered my own question for Bot and Spider Filtering , please provide if any better solution for the Cons mentioned below and avoid referral spam
Google Analytics Google team announced Introducing Bot and Spider Filtering to get away with referral spams,bots in Analytics Entries !
Introducing Bot and Spider Filtering
Many of you have shared with us that it’s hard to identify the real
traffic that comes to your pages. That’s why I’m pleased to announce
that we’re adding bot and spider filtering.
You can simply select a new checkbox option which would be included in
the view level of the management user interface. This option would be
labeled "Exclude traffic from known bots and spiders". Selecting this
option will exclude all hits that come from bots and spiders on the
IAB know bots and spiders list. The backend will exclude hits matching
the User Agents named in the list as though they were subject to a
profile filter. This will allow you to identify the real number of
visitors that are coming to your site.
Nestlé has been testing it and has found great benefit:
“The Bot filter solution is essential for getting deeper insights.
View level availability let us stay fully aligned with Best Practices
provided to all site owners. Very easy to use, understand and
communicate across thousands of Google Analytics users.” ~ Katarzyna
Malik, Nestlé Google Analytics Specialist
Happy Analyzing!
Posted by Matthew Anderson, Google Analytics Team
Steps to enable Bot Filtering:
Go Google Analytics home page and click on the Admin tab.Click on View settings
select Bot Filtering to get rid of known bots and spiders option.
This will remove the spam hits from their analytics for only upcoming analytics data. So this solution has two cons!!
Cons:
Historical data will not be affected by this option, i.e. spam hits
which were made in the past will remain in your data, Google will
only filter your future hits.
Google promises to remove hits from known bots, which means that the
time from the new bot appearance to the moment when it will be
included in the Google filter list can be indefinitely long. I use
this solution for the last week though and didn't find any new bots
breaking through the filter
Ref:
SO POST
techcrunch
G+
Blog
I would like to publish an Android app with 2-years time support (this is due to API costs). After 2 years, the user has to buy the app again (if he wants).
There are at least 3 problems:
I want it to be easy and effortless for the user: so no "registration form" (if possible).
The app should work on other devices connected with the same Google account (as every payed app).
The app should not work if the user sells his device: so using device's IMEI isn't a very good solution.
I think that the definitive solution would be univocally identifying the user, but the question is: how to do that?
Do you think that AccountManager could be a solution?
Note that the app needs to connect to my server in order to work, so the solution can be implemented both client and/or server side.
You can try to uniquely identify the user using his/her phone number. This is what Wavesecure does.
This does have some implications:
a) your app cannot work on a wifi only tablet.
b) you will have to provide a way for users to migrate phone numbers in case they happen to change phones.
You said that:
The app should work on other devices connected with the same Google account (as every payed app).
Use the google account.
When the app starts have him choose a google account and save the account ID (the email address) server side.
Also make sure the user can change the referenced account, it should not make any difference, as long as you allow just one account per user.
Ideally, as time passes by, you may want to track the active installations for each user, and limit the number of devices (model name, IMEI if available, OS version etc) to prevent fake account sharing. But that's something you can do later.