An App uses Google Advertising ID. But as read online this tends to be changed based on User event.
If user visits Google Settings -> Ads screen and resets the ID than a new ID is been issued.
My Question is do other Android App gets a broadcast or a callback which states the Advertising ID has been changed. This is just to avoid re-query AdvertisingIdClient.getAdvertisingInfo(context).getId(); on every onResume.
Please guide if someone has any suggestion for the same.
At the moment, there is no callback which can give when the Advertising ID has been changed. The best way to detect if the Advertising Id has been changed is to get the AdvertisingIdClient.info.
AdvertisingIdClient is a helper library for retrieval of advertising ID and related information such as the limit ad tracking setting.
It is intended that the advertising ID completely replace existing usage of other identifiers for ads purposes (such as use of ANDROID_ID in Settings.Secure) when Google Play Services is available. Cases where Google Play Services is unavailable are indicated by a GooglePlayServicesNotAvailableException being thrown by getAdvertisingIdInfo().
Related
According to this page, every application submitted to the Play Store must not have the capability to collect both persistent device identifier and Advertising ID. Failure to comply will result in application removal from the Play Store.
Now, I have an application that is collecting persistent device identifier for security purposes, but I still want to use Firebase Crashlytics, as I added the SDK, I noticed that the SDK collects Advertising ID, but I can't find the code that initiate the collection.
So, my question is will the Firebase Crashlytics SDK collect Advertising ID automatically on library inclusion to the app?
If it does, is there any way to disable the collection of Advertising ID?
I have a hypothetical mobile game where players don't necessarily need to create accounts to play. Their data is keyed off of a device identifier like an advertising identifier (IDFA) or Apple's identifierForVendor or Android ID
For GDPR, I need to allow all users to download their data.
Is it safe to use the ID as an authentication secret to uniquely identify a user/device, or are these ID values predictable / published somewhere and easy to spoof?
From Apple's perspective, this is a no-go.
https://developer.apple.com/documentation/adsupport/asidentifiermanager
The ASIdentifierManager class provides apps with access to an
identifier that can be used only for serving advertisements, as well
as a flag that indicates whether a user has limited ad tracking.
Should they find out you are using it for something else, you risk having your app removed and possibly being banned from the App store. YMMV.
Plus, if a user disables ad tracking in the OS, they will return a UUID of all zeroes, which will cause a lot of problems once more people do it since you are guaranteed an ID collision.
I have received an warning from Google Play:
Reason for warning: Violation of Usage of Android Advertising ID
policy and section 4.8 of the Developer Distribution Agreement
I have been checking and app should be sending the Android Advertising ID. It has to be a library because I am not doing it.
I use crashlytics and OneSignal and both could be the problem. But I have found in the documentation of OneSignal that the SDK get it:
https://documentation.onesignal.com/docs/handling-personal-data#section-personal-information-sent-as-data-tags
Some data is automatically collected by the OneSignal SDK. For example, on mobile devices this typically include's the device's advertising id, purchases they have made in your app, the timezone setting of the device, and location data (if your app has location permission).
I am trying to disable the SDK continue collecting the advertising identifier but I don't find how to do it. In addition, the list of collected data is not clear because Advertising identifier does not appear:
https://documentation.onesignal.com/docs/data-collected-by-the-onesignal-sdk
I would need to know how to configure OneSignal SDK for not collecting anymore the Advertising identifier.
Thanks.
Google has started emailing apps that use Advertising Id and do not have a privacy policy to tell them they must add a privacy policy.
You can address this by adding a privacy policy to your Play Store listing and in your app. If you do not already have a privacy policy, there are tools available to create one such as http://www.docracy.com/mobileprivacy (free) or https://www.iubenda.com/en/ ($27/yr)
After speaking a little bit more with JonF, he spoke with OneSignal developers and they said that it is possible to avoid sending the Advertising ID changing some lines in the SDK:
Most of the tracking for Android can be removed from registerUserTask
in
https://github.com/OneSignal/OneSignal-Android-SDK/blob/3a4d4353b1d803852e3b9986b828c9b823801ce5/OneSignalSDK/onesignal/src/main/java/com/onesignal/OneSignal.java#L1180-L1182
The problem is that it is not possible to keep the library integrated with gradle, but at least it is a solution.
I have been thinking to implement the change with Reflection but I don't have much time now for it, it could be another way.
I'm using the Ad ID from android and I would like to make clear if the ID is different for each user that is using the same device. For instance, if I have a tablet that is being used by 3 different users (each one with each own account), the Advertising ID will be different per user?
Thanks!
Yes, I have tested this myself. The advertsingID has a dependency on Google Play services. It essentially uses the signed in Google Play user. As you will see in their API, they do not have any method to pull advertisingID by Google+ user or email address etc...
Also, be aware that an advertisingID may be reset by the user at any point.
It has come to my attention that a device may have multiple Google accounts logged into it simultaneously. I understand that pre-Honeycomb, there is a primary ID; from Honeycomb on you can simply plug in several. I currently have two IDs logged into my test tablet.
When purchasing from Google Play you can choose which account is used to make a purchase. I want to add in-app billing to an application I'm writing, and I want to make sure each Google ID gets its purchases on any device, which means I need to know which ID was used to make the purchase in the first place. This means I need to do one of the following:
Force Google Play to use one of the Google IDs chosen from within my app by the user;
Retrieve the ID that Google Play used to make the purchase.
The documentation seems to have been written with the assumption that only one purchaser would ever be active on one device. Is it possible to do this?
This seems to be an issue with the Google PlayStore application. The same has been reported at
https://code.google.com/p/marketbilling/issues/detail?id=76
I guess the app will be tied to the google account you used to download the application.You might have to use the same google id to make the purchase. Otherwise, restore of purchases could be an issue.