Is there any possibility to make unity3d application use new possibilities in Android 5.0 device owner app?
http://developer.android.com/about/versions/android-5.0.html#DeviceOwner
I'm trying to make app in unity3d that will work in "kiosk mode".
I know nothing about Unit3d but if it is a regular apk you probably can make use of DeviceOwner features. Though, enabling DeviceOwner is not a task for regular user on regular apps.
First, it requires the device to not have being provisioned - most common scenarios there is no account setup in the device. The process can be done either through a second device using NFC and a provisioning app or via adb shell dpm set-device-owner app.package/.DeviceAdminReceiver... not trivial, neither can be done by regular end users. May be what you want is just full screen mode? That can be done in the manifest... Kiosk mode will actually pin your app in the device.
If you are willing for setting up an actual kiosk to demo your app or something similar, it is indeed a good direction to go.
Related
My goal is to write an application for Android (>= 9.0) which basically offers a device-owner-style control like Google's "Android Device Policy".
The following criteria have to be met:
Zero dependency on Google servers or any other 3rd party infrastructure like existing EMM solutions (MobileIron et cetera)
The user should not be able to remove or disable the app
Provisioning methods: QR-Code, NFC, URL, ADB, actually any "local" way ...
Has to work with stock androids on regular consumer devices
In short: I'd like to write an unremovable device manager (including a web-based management UI), put it on a device I own, give that device to someone else, and being able to fully control the device remotely.
Is such a project even possible with the current situation of Android?
No.
Has to work with stock androids on regular consumer devices
Mostly, this is your biggest hurdle to overcome.
What you are asking for is the description of a very powerful MalWare. An app that ca run on any version of Android, that can't be uninstalled, but can do what it wants to "fully control the device".
If you move away from the idea of "stock android on regular consumer device", towards a suite of devices you have some say in distributing:
Here is a list of Google Partners who offer an EMM solution: https://androidenterprisepartners.withgoogle.com/emm/
Here is Samsungs effort at device control:
https://www.samsungknox.com/en
Here is Googles device management:
https://developers.google.com/android/management
You could write your own ROM of Android and be able to control the things you want, but that would require .. building a ROM aka a whole phone OS forked from AOSP.
The user should not be able to remove or disable the app
This is only possible if you have a system app.
Or something extreme (which with any extreme, is always possible to have problems), like having two apps, and they monitor each other for uninstall, and programatically reinstall (vs 1 app that can't do much when it is being uninstalled).
maybe someone know , samsung have a powerfull core with name KNOX SDK.We have application which based on this sdk. And we are looking a way to do same application without knox sdk. But we stuck with simple function like kiosk mode. This mode not working if device owner is not setted for application (for me it's hard to understand) All what i found - it's this way :
This way is correct if im testing application myself. But when time is come and we will need to install this application on our 100-200 devices , then this way looks bad . Every device to do factory reset, and adb commands etc.
So question :
I'm sure there are should be a way to do this offically. But i can't find any info about this. Maybe some one know how to do this ? Please help. I'm sure i'm missed something somewhere. :)
You can get information about the ways to provision device here. They include:
QR code
Managed Google Play Accounts
Google Account
NFC
I've wrote an article where I've described provisioning with QR-code here. We've selected this way for our Kiosk application as the most optimal one, because:
zero touch enrolment works only on a small subset of devices;
NFC provisioning requires another device with special app;
Google Account requires having and managing this account.
On the other hand QR-code works almost on all Android 7.0+ devices ("almost" because some vendors disable this in their custom ROMs) and is easy to setup for end user.
But when you need to install it on multiple devices (and it's some internal app, so you do it yourself, rather than end user) Google Account can be more appropriate.
In production, you'll want to provision your dedicated devices from the factory reset state (on the initial blue screen) using NFC, a QR code, or if supported, zero touch enrollment. NFC can be used from another Android device using an app such as the NFC provisioning app. A dedicated NFC card can also be programmed using an app such as NFC Tools. Google provides provisioning instruction on their TestDPC github repo. EMMs will also provide instructions for their DPC app. Using Android Management is usually a better alternative to TestDPC for production deployments under a 1000 devices. Additonal provisioning options and increased API usage limits are available if you're part of the EMM Community.
I am learning about Kiosk devices. I am going through the docs but stumbled across this thing.
As per docs-
Kiosk Apps are Chrome Apps that are designed to always run fullscreen using Single App Kiosk Mode on Chrome OS and do not allow the user to exit the app. They're great for a purpose-built Chrome device, such as a guest registration desk, a library catalog station, or a point-of-sale system in a store.
There is also a mention of Kiosk Mode
It is an Android kiosk app that replaces the default Home Screen or Launcher and restricts user to accessonly one application or a few allowed applications. ... It has become common to use off-the-shelf mobile devices to run business applications or self-service kiosks.
Though I am unable to understand as to how to develop a Kiosk app for Android.
Yes, you can build kiosk apps in android.
In addition to Morrison Chang's link in their comment I suggest you to read this article for more practical approach.
Note: This article has a point on making layer that catches user drag events and such. On newer Android versions(8.0) this no longer works.
You can create Kiosk application. From Lolipop 5.0 google is providing api for that.
https://developer.android.com/work/cosu
You can use Pinning or LockTask to achieve the Kiosk application feature.
Some like of sample git application
Git Link
Git Link2
You can make kiosk device by making your application owner of the device and then pinning the app on the device.
Please follow the below link it gives the detailed concept of making an application an owner device and then you can pin it using the code for pinning
https://medium.com/#ashubansal.ashishbansal/make-your-android-device-a-kiosk-device-so-that-no-one-can-open-anything-in-your-device-except-the-3bb42a0db8ea
If you are using a dedicated device for your kiosk app you can use the Android For Work APIs to have a single application or multi application kiosk.
Lock task mode API from the android allows you to lock the specific app to run on the device and always on the foreground. This will disable the Home button and Overview button as well making a true kiosk mode experience.
In order to use the API, you need to use the DevicePolicyManager and run your application as Device owner.
You can also refer here for details on how to create a Kiosk app
https://blog.esper.io/best-way-to-build-android-apps-in-kiosk-mode
Since the process of applying for EMM integration takes an unjustifiably big amount of time and the whole process is described as "incredibly painful" by those lucky ones that went through it, I want to know whether is it absolutely needed to become an EMM in order to have a working Device Policy Controller app (DPC).
If you faced this problem, please share the experience.
I am developing for COSU devices and want to go into a kiosk mode. I am aware of existence of ways of how to do it, but they all implement a bunch of workarounds - this is not an option - I want a controllable, safe and robust way of doing this. I don't care about not having the ability for remote managing also.
You can use Google's new Android Management API to manage Android devices without building a DPC or registering as an EMM.
You just want to write an app that uses Device Policy Owner? That's fairly simple, assuming you own the devices. Just install your app, adb shell in, and run the dpm command to set your app as owner. If you're buying in bulk from a manufacturer you can get them to do it for you in the custom image you install (although you may need to explain what you want, it isn't a common usecase).
Of course everything has its limits. This will work, unless the user manages to do a factory reset. Which you can prevent via the UI, but can generally be reached from recovery modes or from unlocking the bootloader. So its safe from casual intrusion, but if someone really wants to get at your device and they have physical access and time, they can.
It is definitely possible to write your own DPC without registering with the EMM community.
The most convenient option for provisioning the devices is via NFC. for example using a second device, as it is quite simple to write a provisioning application.
See Implementing Kiosk Mode in Android (part 3 and 4)
for a good example.
I had a few problems with some Android 5 devices, but since 6.0 it works quite well.
I need to write a kiosk launcher for a number of Android devices. It is supposed to launch Chrome or Firefox, showing a specific webpage in fullscreen. That page already calls the HTML5 requestFullScreen() API, but it doesn't work because that call is not coming from a user-generated event, and therefore gets declined by a browser for security reasons.
I did some searching and I found the following questions:
https://android.stackexchange.com/questions/88031/how-to-set-kiosk-mode-in-chrome
https://android.stackexchange.com/questions/115258/android-kiosk-mode
Both of these answers end up pointing to the existing apps or browsers, some of those are doing exactly what I'm trying to accomplish. This feels like an overkill, as I'm already using an app to get this thing going. And I can't use a special browser like suggested here because major browsers like Firefox or Chrome are more reliable in terms of updates and supported features.
But at the same time, the fact that these apps exist means that whatever I need to do is, well, doable. From Kiosk Browser Lockdown:
[Pro features]
Fullscreen mode / Hidden Toolbar
My question is this: what are the Android APIs they use to accomplish this? Is there anything I'm missing at this point? What are the documentation pages, guides or articles I should be looking for?
Thank you
I have similar problem with an commercial application running either in the linux system or windows OS. This application is made to run in a browser.
By the past, we opened a browser window, that we customised. and closing main window. :
* hiding menubar.
* hiding button bar.
* keeping close / lower window buttons
Fullscreen mode can not be used, since it hides window buttons.
Today, more and more browser based applications will arise (angularjs and similar applications coming...).
I found Atom Application can do this, using chromium .
Does this mean I have to embed a webbrowser with my application setup ???
And stick to some browser (eg. chromium) , altough my application is compatinble with many .
Do you 100% have to use Chrome or Firefox?
It is easier to do what you are saying by developing a kiosk app with a custom WebView that only shows the webpage you want to show. I could be wrong on this, but I believe WebViews on Android are technically Chrome (or something like it) on the back end, but either way, using one I doubt you would need to worry about updates. However, that is not what you asked... so I will describe a solution using Chrome or Firefox. My solution also means you need to have access to the devices you are loading your software on though, not a commercial app, because you need ADB.
It is completely possible to setup a Kiosk app in Android to only allow Chrome or Firefox to be used, and this is easily done if you set the application you load onto the device (to do whatever task you need) as the device owner. This is easy to do via ADB using a Command Prompt or Android Studio Terminal.
Just FYI...I am not positive setting up a 'true' Kiosk App is possible without device owner privileges, you cannot actually lock an app to the screen without it. In the case I describe, you get a true Kiosk implementation using a device owner, not a nifty work around that mimics that functionality like most of the apps you see in the market, however, I would also bet that those apps have some type of device admin privileges, which are less powerful than device owner, but still powerful.
The 'real' way I describe would be done via ADB (or the command line) with a similar snippet to the following command (I used this in a recent enterprise application that seems pretty similar to what you are describing):
adb shell dpm set-device-owner
com.viatechsystems.guestservices/android.app.admin.DeviceAdminReceiver
You would replace "com.viatechsystems.guestservices" with your Kiosk application's package name. You will get a confirmation message on the console once the device owner is set via ADB, but realize that this command could fail if a Device Owner is already set via some other method. To fix that issue, reset your device and try the command again and you should be good to go.
As far as locking your app (or in your case Chrome or Firefox, just find out what the package name is first) into Kiosk Mode after device owner has been set, you need to run this snippet, or something like it, in your application's main activity:
DevicePolicyManager DPM =
(DevicePolicyManager)getSystemService(Context.DEVICE_POLICY_SERVICE);
ComponentName ownerName = new
ComponentName(WHATEVER_CLASS_YOU_USE_TO_DISABLE_APPS.this
DeviceAdminReceiver.class);
//this.getPackageName() GETS CURRENT PACKAGE
String[] packages = {
//THIS IS CURRENT APP
this.getPackageName()
//YOU NEED TO USE CHROME OR FIREFOX PACKAGE
//NAME HERE INSTEAD FOR WHAT YOU WANT
};
DPM.setLockTaskPackages(ownerName, packages);
startLockTask(); //LOCKS PACKAGES IN KIOSK MODE
Now that should do what you needed, however in my recent app's case I needed to also ensure that if a user somehow got out of the Kiosk mode (which is technically possible on reboot, even with a Boot Listener implemented), they would only be able to open the application I wanted, and nothing else.
To do this you need to hide/disable applications with the device owner privileges you achieved earlier when you set your custom application to lock down Chrome, or Firefox, or whatever you want into Kiosk mode.
I can tell you how to find all of the package names on the device you load your app on, but I'm guessing you can figure that out... hint if you have issues, you use Android's Package Manager.
In this instance the package/app we want to hide is "com.example.HideThisPackage", simply replace it with whatever package name you want to hide/disable as the device owner.
//THIS VARIABLE AGAIN
DevicePolicyManager DPM =
(DevicePolicyManager)getSystemService(Context.DEVICE_POLICY_SERVICE);
//THIS VARIABLE AGAIN
ComponentName ownerName = new
ComponentName(WHATEVER_CLASS_YOU_USE_TO_DISABLE_APPS.this
DeviceAdminReceiver.class);
//USED TO HIDE INSTALLED APPS AFTER DEVICE OWNER ENABLED
DPM.setApplicationHidden(ownerName, com.example.HideThisPackage, true);
Then you should be good to go, let me know if you need any additional pointers but I used code almost exactly like this to do what it seems like you are describing a few months ago.