I need to setup an environment in an android device where only white listed apps are allowed to launch. The environment should
prevent user from installing new app and uninstalling existing app
prevent access to settings
prevent access to file directory
The Owner App are supposed to allow
download of white listed APK from a designated server within it's network
user can update white listed APK by downloading and installing it
user can launch multiple white listed app
I have looked through Android's Device Ownership and Screen Pinning references and APIs but couldn't find a solution to my above stated problem. Any pointers?
What do you think of this? http://www.andreas-schrade.de/2015/02/16/android-tutorial-how-to-create-a-kiosk-mode-in-android/
UPDATE:
Well, I've decided to use vendor like MobileIron. Thanks for the input regardlessly =)
Related
is it possible to create an android application that is meant only for internal use? Basically a private application not meant to be installed by non-approved phones?
If so what is the basic process of deployment? How do you get the app on the employees phone's?
thanks!
The easiest way is to email it to them. Any email with an .apk attachment will get an "Install" button that you can tap to install the app.
Installing from non-market sources needs to be enabled -- which is a bit of a security risk -- but the user will be prompted to turn that on if they need to, and even given a button that will take them right to the appropriate settings page. The whole process is really quite slick. :)
Alternatively, you can copy it to the phone (e.g. after connecting the phone in USB storage mode) and then use a file system app to locate the file and install it.
Emailing it is the easiest way, however.
Edit: I'm assuming you meant private as in "only sent to certain individuals" and you're not actually looking for a method that will prevent the apps from being run on non-approved devices should they end up on one.
There's a proper way to do it now: Google Play Private Channel for Google Apps. You publish app on Private Channel and then send invitations to users. It won't be seen by other users of Google Play.
Option 1
Using Google Play Private Channel is probably the best way, but is useful only for Google Apps users.
Option 2
You can use new Developer dashboard options that let your app be in Alpha or beta phase and is available to only selected google accounts (using groups or google plus circles). Your app can stay in beta indefinitely so not become visible to other users. if you like this method you can also use services like TestFlight.
Option 3
Mail distribution is also ok it's even mentioned in documentation which I find a little bit odd, but I would advise you to use some file storage like Dropbox and just distribute the link to selected people.
Two major ways:
You can either use the non-market application installation method, or adb from a connected PC to install an apk which you distribute as a bare file. The downside is that anyone in possession of the apk can install your application.
Alternatively, you can distribute the application through the android market, but make it require an account on a server you control in order to do anything useful. The upside is that possession of the apk doesn't get an unauthorized user much; the downside is negative ratings from confused randoms, and that you've made your apk very available for interested parties to know about and decompile. (There is or was also a way to put an app on the market but not list it so it was only accessible via a full url, however don't rely on that)
Yes. As of right now I use such a method, I have to manually load the app on the phone, however other techniques can be used. Once loaded the app checks the main server to see if it is up to date. If it is not, it downloads and installs the new version of itself.
If you go to your eclipse workspace and go to yours app's folder, in the bin folder assuming you develop with eclipse, you will find a .apk file somewhere in there. Copy it to the phone and then use something like EZ File Explorer (or something like that) to access your android filesystem, click on the .apk and it will install and be ready to use.
The device my Android app is running does not have Playstore on it. The plan is to pre-install the software when shipping the device. I am now looking for a strategy to upgrade the application.
I found this useful link to install an Android app from the apk file:
Android: install .apk programmatically
I am thinking I will use this logic to auto-upgrade my app. I am wondering if it is even possible. I am thinking the upgrade will first try to uninstall existing version but will fail as the executable is still running and the file may be locked. Is there a better way? Regards.
Peter, we've just implemented the same thing.
Users have the software pre-installed on their device and we host update APK's on the companies servers.
From the app they can then check for updates where we have a WCF service which extracts the APK file (essentially a .zip) and returns the manifest details. From there we have the version of the APK and can compare it against the local version.
If the user decides to upgrade they can download the APK and you can automatically launch it. At which point the user will be told the application is going to be updated. There are no file locks etc, the app will just close and restart using the new version.
Note: Downgrading is not "automatic". The user would have to first uninstall the app. For upgrades, however, it's a simple case of downloading and launching the APK version (the user will be told they need to allow installations from unknown sources if this is not checked).
You have a couple of options, depending upon your target system.
Use the link you posted. This will provide the user with a traditional install dialog, whereby the user can choose to install or not. You should avoid doing that automatically, as APKs can be large and you might irritate the user if they don't want updates.
You can install updates magically, but you will require the firmware signing key (or possibly root, but I haven't tested that). That will not ask for consent from the user. You will need to add additional code using reflection to access the installation methods of Android. If you go this way, you should build an opt-out/in mechanism.
If your app is open-source, F-Droid would solve the problem for you.
F-Droid is an installable catalogue of FOSS (Free and Open Source
Software) applications for the Android platform. The client makes it
easy to browse, install, and keep track of updates on your device.
Mainly, it updates your app when necessary. (Or just have a look at its source code for inspiration on how to do it).
Yes but as far as I remember only if you had Root privileges in order to have access to the INSTALL_PACKAGES permission.
I am developing a customer care android application. The client want that only the customer care application should be installed in the Android phone and we should prevent installation of other application. Is there any hack we can do to do that?
Is there any hack we can do to do that?
Fortunately, not from a standard SDK app -- the technical term for this would be "malware".
As the comments to your question indicate, you are welcome to root the device, remove the Google Play Store client (if it exists), and disable the ability to install from non-Play sources by adjusting the secure settings. However, I suspect that this will prevent you from updating your own app without rooting.
Is there a way you can develop on a device that has your application preloaded on it? I have tried changing the name of the application, but that affects a lot of files, and you couldn't realistically develop that way (changing all the names before checkin and then cheanging them back aftewards).
If you can sign your app with the same signing key as was used for the copy of your app in the device's firmware, having a higher android:versionCode should allow you to install and test the updated app. Leastways, that's how apps like Google Maps work as I understand it, where the firmware ships one but updates come by way of the Android Market.
If, however, you cannot sign your app with the same signing key, that won't work, and you have no real choice but to either:
Root the device, delete the firmware copy, possibly un-root (de-root? dis-root?) the device, then use it normally, or
Refactor your app as you describe
You need to build the project from command line into a different package name(other than the one used by the preloaded app)...Check this link for further details: http://elinux.org/Android_aapt http://blog.uncommons.org/2010/07/19/building-two-versions-of-the-same-android-app especially the aapt --custom-package where you can specify the new package name for your app... --Cheers
The instructions for debugging on a phone are set out in the guide topic Using Hardware Devices.
Yes. Enable debug mode on the device, and connect the device to a computer using a USB, then you can look at the logs (assuming that your app uses logging). You do not need to root the device.
I general turn off logging on APKs that will actually be used (I have a custom wrapper for console.log that I can turn off with a global). In a case like that, you can set an Easter Egg in your app that would allow the user to turn logging on if they know the appropriate password, etc.
I want to allow user to install my app directly from my web-site, not through the Android market.
I'm working on a specific non-phone android device, which can't be connected to the Android market.
how can I accomplish such a thing ?
The device can download the APK files like a normal file. After that, the user can open it and gets prompted to install it by checking the apps permissions. This required the unknown source preference (Preferences->Applications->Development usually) to be checked.
If you want to create some sort of drive-by-download/install: Thats not possible for (obvious) security reasons.