I'm looking for a way to store settings on a React Native app (both iOS and Android), so that the user can't just open a file editor and edit the settings (mostly referring to Android here).
It's ok if they view it, just not edit it.
I also don't want to send it via the API every time for certain reasons (in other words, I can't just hit a JSON endpoint to fetch the data fresh every time so that it doesn't need to be stored).
I've heard of using something like a 'key store' but I've heard it's not implemented on Android?
PS: Ultimate 'security' is not the goal, its so that I can store certain settings about their account without fetching it every time. If someone really wants to decompile the app or sniff out all kinds of things about it, thats fine, but it will thwart 99.999% of attempts which is all I care about.
Related
I'm trying to understand how applications are storing data without the use of a login system. Example, an android app starts you with 500 coins and you use some of them. You have not logged in at all and you delete the 'app data' in settings and uninstall and reinstall. The app still knows you only have 450 coins left for example. The app requires internet connection so I'm assuming they are storing the info on their server. If so, how are they uniquely identifying your device? In my reading so far it seems there is no full-proof way to uniquely identify a device every time.
I'm asking because I'm going to be working on an app where I don't want to require a login but I also don't want the player to simply reinstall and get to start over. So, my question is how does everyone handle this situation to work for both iOS and android?
Google offers Firebase, which is used for notifications, but makes use of a unique identifier for an application instance on a device (both on iOS and Android), they could be using this.
There are some more providers that offer a similar service (for example OneSignal).
Reference: https://firebase.google.com/
I desire the application state synchronized across the various devices that Users own phone and tablet. I want a way to automatically, or by a button for example, synchronize Android application settings (int and strings saved on SharedPreferences) with a Google account or APIs or automatic sync (in Google account Settings) but i'm very confused..
I see App Engine, GCM and "cloudendpoints"
So..what is the best solution to automatically sync the Preferences? Any example or guide? I think that the solution is easy but hard to find!
The solution is not easy. AppEngine can handle the web server part easily in many ways. The Android side will be harder, most particularly making it automatic. Android probably stops preferences being changed arbitrarily by external data to avoid security vulnerabilities.
Approach the problem from the Android end by first updating your preferences with your own App, then try it from your own Service, and then add AppEngine client software to your service. You will discover what you need to know along the way.
I have some apps that I know go out to the web and pull down some pages to be displayed within the application in some type of wrapper (working in Android). I was wondering if there was a way to be able to fetch a list of those web pages, like the application's "web history".
If I could get this in a list somewhere in code that would be awesome, or otherwise just some way to view this. I suppose on the application level it would be different for every app, but if there is someway to fetch this from another app or some type of code that would be awesome!
To sum up, basically I want app A to know what pages app B (an application that I do not own) has fetched and displayed previously.
bascially I want app A to know what pages app B (an application that I do not own) has fetched and displayed previously
Fortunately, this is not directly possible, for obvious privacy and security reasons.
If App B allows you to configure a proxy server for it, then you can do so, using some proxy server that you manage that can record this info. You can even write an HTTP proxy server to fill this role.
Rooted device users can use Wireshark and equivalent to monitor all network traffic.
i need to know how can i secure my app to make a close beta?
i want to send my app to some people so that they can test it. but i dont want them to share the .apk with other people and just use it some days. so i need to implement some kind of trial/beta mode.
i need something, that the app e.g. only runs 7 days or so. how to do this?
There are a few ways to ensure security:
Get a server, and have a server side authentication based on a unique device ID, like an IMEI or MAC address. Any device which does not belong to your testers will not be listed on your server, and you can stop the app from running.
If possible, have each person come to you and install the apk yourself, instead of mailing it to them
Create a trial system. Store the date on which the person first accessed your app from the device, and stop letting him use it n days later. If you store this on a server along with the unique ID, it'll be safer, as if it is stored in the shared preferences or something, the user could get around it by clearing the data or uninstalling and reinstalling the app.
Obfuscate your code using a tool like ProGuard. This will add an extra layer of security incase someone decompiles your app
Note that these are only a few suggestions, and none of them are 100% secure. AFAIK, there is no way to ensure 100% security, short having having the devices locked in a lead room, and letting in the testers one at a time. And there is a way to get around that too, I bet.
Use hockeyapp, there's nothing easier to distribute your app to a closed group of people.
Is there a way to build and Android and iPhone application that automatically updates its content.
For Example: the user has download the application and we have all of our data on there and what not but then we get another entertainer that is coming to the festival and we want to list them in the app. Do I have to "Publish" an update for the users to download of can all that information be dynamic and automatically retrieved from a server every time the person has internet.
Does that makes sense to anyone, I hope it does.
The short answer is yes.
How you achieve it is to broad a topic without some more information about your specific situation. In general what you'll be looking to do is host your content online somewhere and have your application pull the most recent version when it begins.
There are many possible ways you could store your data online XML, JSON, RSS are a few that are pretty common. Which you'd want to use depends on exactly what the data you are sharing is.