I'm developing a enterprise app for my client. He got the Companys phones rooted, but he need an app where he can control the background. But the problem is, he dont want so the app can be uninstalled. I know that you can make the app an system app, but it can still be deactivated.. Also you can use device admin, but it can just get unregistered, and then uninstalled.. Any way to make the app uninstallable? Of course is the app only going to get installed on the Companys phones, and not released om google play. Ask if you dont understand my question.. :-)
Depending on the manufacturer of the device, this might be possible. I'm most familiar with Samsung devices.
On Samsung devices, there is a special SDK called Knox which has many useful APIs. One of those allows you to disable uninstallation for any app you choose. Even with this, the app could still be removed by a factory reset (but Knox can disable factory reset as well).
If you aren't on Samsung, it's possible that whatever manufacturer you use has a similar SDK, so you should look into it. If you are on Samsung, you will need access to the Knox SDK, which isn't free, but since you said this is for a client maybe he would be willing to pay?
Related
I like to have single android app in our managed devices, we want only that app to be used on the device with necessary restriction, such that,
Single use - Device will have only one app, user can't use other apps, like browsing, youtube or anything,
the initial setting like notification sound, GPS always on, notification and ring sound maximum level can't be modified.
user can not power off the device.
this setting can only be changed by our servers.
i think i have 2 option,
1) Using samsung knox sdk on samsung devices,
Here's MDM proving feature of Samsung Knox Standard!
2) General Android way, Set up Single-Purpose Devices, COSU solution
Android Developer's site.
Wanted to know your's view on this, may be if you guys have done any of the two or any other ways, i could use some of the guidelines or a path.
Thanks for reading, and please comment if i was unable to articulate the subject or it needs editing.
You can use Google's new Android Management API, it seems to suit your needs.
It is a new cloud API that allows to manage Android devices from a server, without having to build an on-device agent (a device policy controller).
I have broad experience of using Samsung Kiosk Mode from Knox Standard SDK which is free and Pro-Kiosk mode from Knox Customization SDK (which has more functions but is not free).
So I can tell you for sure that all 4 points that you have mentioned can be achieved by using Knox Standard SDK.
Singe Purpose: https://seap.samsung.com/api-references/android-standard/reference/android/app/enterprise/kioskmode/KioskMode.html
LocationPolicy (you can turn on GPS and restrict changing): https://seap.samsung.com/api-references/android-standard/reference/android/app/enterprise/LocationPolicy.html
Yes. It is possible but I forgot the exact implementation.
Yes, as well.
Only downside of using this SDK is:
You are tied to Samsung (which I personally okay with, since Samsung has such market penetration and you could get service almost anywhere in the world and in enterprise world it is critical)
About Android native functionality: never tried it
Update March 7, 2019: Now I am playing around Device Owner, we use it for Kiosk mode, works well and works on android Device with Nougat and earlier.
We are the software development department of a company that makes industrial equipment and we have some Samsung Galaxy-Tab 4 tablets that we use as "remote controls" for the manufacturing equipment, using an app we wrote ourselves for the purpose and installed directly from Android Studio. This app is not distributed to other devices. We bought these tablets online, right out of the box from Samsung, i.e., there is no phone company or common carrier involved. These tablets are not registered with Google, i.e., there is no gmail account associated with them; in fact we can't even access Google Play with them. I unboxed these tablets myself and never registered them with with Google or Samsung.
So I was surprised when I came in this morning and saw a notice on the screen of one that a scheduled software update has been downloaded and was ready to go. It says it's 876.87 MB and it wants to do an OS upgrade to Lollipop.
I have no idea where the upgrade is coming from or how it's initiated. My concern is that if this happens at a customer site or trade show an unexpected upgrade could break our software or cause other mischief. Is there a way I can programmatically disable software upgrades?
As an app developer, no you cannot control firmware upgrades. They come from either the carrier, or if it's a wi-fi tablet, the manufacturer.
Your only option is to control the firmware. That means building your own firmware dist of Android for your chosen hardware. You can then disable (or otherwise control) the firmware update schedule / process my making changes in the firmware.
Owning the firmware is a very big deal compared to deploying an app.
I was surprised when I came in this morning and saw a notice on the screen of one that a scheduled software update
as a software developer I cannot understand your surprise. It's a very well known (and often criticise feature due to slow/delayed roll out) feature of the OS
I have no idea where the upgrade is coming from or how it's initiated
Those come from the device manufacturer (you said Samsung, right?) and do not need a login or account of any type. It's coded somewhere deep inside the OS to check the manufacturer server for updates. Same that happens with Windows, Mac OS, Linux or iOS.
There is absolutely nothing an app can do to disable the OS update from an API point of view. This would be a major security flaw. One can easily imagine a malicious app exploiting a known OS vulnerability and blocking the OS from update itself that would patch the vulnerability.
possible solutions for your case
Apart from creating your own custom OS to control the process the only possible way that I can think of, is to host your own VPN server that blocks the update server (or blocks the whole internet expect the resources you want to access from your app) and configure the device to this VPN under Settings -> WiFi.
ps.: I saw the mentioned link and I would advise against disabling system services (or at least test A LOT after you diable it) because that could cause other issues.
My company makes a tablet Android app to control an industrial process. We had been using a Galaxy Tab 10.1, but as that's no longer available in the US we're evaluating the Galaxy Tab 2 10.1, running 4.03. We ship the tablet pre-installed with our app, and the app is carefully tested with the version of Android software running on the tablet.
As I was setting up one of the new tablets the setup wizard put up a message saying "You agree that your tablet may receive and install updates from Google" It wasn't asking me, it was telling me; there was no place to say "no" or disagree. Auto update is DISabled in settings.
How can I programmatically prevent a force-feed update to the tablet? Our users are connected to a local area net because the tablets are used to control other industrial products, but there is never any need to connect to the web beyond the factory walls, but we have no way to enforce that on our customers. The risk is that Google could force a change onto the tablet that might break our app.
Thanks in advance.
How can I programmatically prevent a force-feed update to the tablet?
Build your own firmware and use that rather than the stock firmware.
The risk is that Google could force a change onto the tablet that might break our app.
The risk of blocking the firmware updates is that Samsung (not Google) could deliver an update to the tablet that fixes flaws in the firmware that your customers would appreciate (e.g., better WiFi connectivity).
Please understand that the devices that you are using are consumer devices. Such devices are not intended for use "to control an industrial process". The expectation is that if you are using Android in such settings, that you would source your own device and have control over your firmware. Alas, there is not a whole lot of support for that at the moment, something I blogged about recently.
As long as you target your desired API, an update to the system should not break any functionality of your app. To answer your question, you cannot programatically disable automatic updates, it is a user function.
Check this link as well: Programatically enable/disable market auto-update
Is there a way to protect android devices so that the
user is no more able to download/install other apps?
The idea is to lend devices with specific apps.
Ideally the owner (that's me) should be able to remove the protection using a password/passphrase
Nope, don't think it can be done on a stock device.
If there is a way it is probably within the Device Administration API
Likely though is that if you want to achieve this you'd need at least a rooted device, and maybe even your own custom build of the OS to allow for it.
I'm making an app for Android in Eclipse. Currently the app works fine on my Droid Incredible, but it does not work at all on my friends' model which I emailed the apk to. Is there a way for me to emulate different phone models to run the app on without physically having them?
Thanks
The short answer is no. The long answer is that emulators are never perfect as they don't simulate the electronics of the devices but the logic in them. You should run automated tests on your device and if possible in physical target devices. There's a service, similar to vnc, i didn't used this service nor do i recommend it, but it exists, it's called deviceanywhere , google it, it offers remote testing on real hardware, but of course it's a paid service.
Another way to test the application is to give a beta version to android forums and get feedback from users, and don't forget to include internal tests and logging.