I have written an app that enforces device policy management to enforce PIN and screen lock (similar to http://developer.android.com/training/enterprise/device-management-policy.html) and intend to ultimately have it on Google PlayStore.
Does my app need to be signed with system certificate in order for it be able to enforce these device management policies?
No, your app will have certain rights and will not require any system certificate, it will just require approval from the user to allow your app to act as an administrator.
Kindly download the sample app from here.
As shown in below image it will ask permission from user and that's it.
Will google allow to upload such app on Play-store ?
Yes definitely, It will allow for sure. Google have disclosed this API for such kind of apps. In playstore, there are many apps which are acting as administrator with this API. i.e. AppLock, AirDroid, AndroidLost
Related
I've been told that there is a way to create an apk that can be installed on an android device and allow a remote server to install and launch a new apk remotely without any user input.
This would be done on a closed network of android devices, this is not intended to be a published app in the store. I've not been able to find any information on this.
Has this been done before? This would be differnt from installing an apk that checks for content updates, in my experience even with an MDM you can not push, install, and launch a new APK without a user interaction on the remote device.
You can upload the app to Google Play, as an alpha or beta version.
Then, you can enroll in the alpha or beta on the Android device.
Make sure auto-updating is on in Google Play, and within a few hours after the update is submitted, the update should be pushed to the devices in the alpha/beta program.
As mentioned in the comments a solution to remote apk install is to root your device(s) or build a custom ROM and then creating a system application with the android.permission.INSTALL_PACKAGES permission. This may be better for your use case than going through Google Play because Play requires the device to have a Google account signed in and auto-updates enabled by the user.
The issue with rooting devices or creating a custom ROM is the amount of maintenance and setup for each device. You also have the risk of introducing security flaws to your devices and application.
You can also look at MDM solutions to achieve the same result:
Samsung Knox lets you upload an app to their service and "the app automatically installs on users' devices inside the Knox container".
AirWatch lets you "Deploy public, internal or bulk-purchased apps to devices automatically or to an enterprise app catalog for on-demand install".
Mason lets you upload your apk and push it to your devices instantly. You also get additional controls like making your app the direct boot package, locking your app in kiosk mode, or preventing the user from getting into Settings. If this sounds it would fit your use case, feel free to reach out to me: trevor # bymason.com
DISCLAIMER: I work for Mason
I have an app and I want users to only use that app on the device, for that i need to restrict any other app installation.
I was checking the DeviceManager policy API but i couldn't find something that totally restrict users from downloading apps or sideloading them.
Is this feasible to do in non rooted device?
I have a simple question as to how can we prevent the user to share an apk file from his/her device to others.Like if i put a paid application in the market and a user downloads it . If its downloaded how can i be sure that he doesn't transfer the application to other or puts it in some third party market . I need to find some security measure to do it for my application.Is there any permissions that needs to be added or any third party security .
All the answers are appreciated.
As I came across this link. How can i prevent LVL
The Google Licensing Manager is what you should use which can be found at http://developer.android.com/google/play/licensing/index.html.
This uses some code that you can put at the start of your application that uses the licensing API to check that your app is licensed. This is done by checking that the account that the user is using on their device has paid for the app via Google Wallet and that a refund has not provided. If it is found to have been paid, then you can let the app run, otherwise you can display an error to the user informing them that it is not licensed. Most apps that do this provide a button that will launch the play store at your app to let them download the legit version.
This doesn't directly stop users copying the APK or publishing it on other markets but it ensures that app cannot be used unless has been purchased by the current user on the Google account they are using.
Although there may be ways to circumvent this check but this is probably the best and most reliable way.
Hope this helps.
You can do something like verify user on your server when app launched, but you cannot force user not to share .apk by technical means. Apk can be easily copied from non-rooted device, and there's absolutely impossible to prohibit user to copy .apk from rooted device even if Google adds some copy protection in future.
I want with my app such that user can not copy it. and user must pay for an app when user install on different mobile.
Once user paid app then it should work only in one mobile. when user install the app with same login then user can not install the app on different mobile. For this user need to pay for this.
How to achieve this.
You cannot do this through Google Play's paid app feature.
At best, you can make your app free and have an in app purchase that the user must make, which ties the device IMEI or MAC Address to that purchase on a server you own. That way, you can make users buy the app everytime they install it on a new device.
The copy protection feature is now deprecated, and you can't use it. Additionally, any user with a rooted device can pull your apk off their device. This is outside your control.
I observed some applications in play store are showing Allow Automatic Updating option with check box at the time of installation,some don't why? are there any settings or permissions to be added for this in manifest file or this is something available for preloaded apps or apps which has vendor/manufacturer certificate? What I have to do to get Allow Automatic Updating feature for my application on play store as a normal developer. Below Image showing what I am referring too. Any Suggestions please, Thanks In Advance.
[EDIT] just for Info
As a normal developer we can't implement this feature. The reason is android.permission.INSTALL_PACKAGES is just ignored by Android system unless your app is signed with manufacturer certificate. If your app is certified with manufacturer certificate then your app is treated as part of firmware and it is eligible for silent installation of any packages.
I've published an application on Google Play and it has "Allow Automatic Update" checkbox.
I did not do anything special to make it available. If you have a sample of the application, which is published on Google Play and does not have this checkbox, please, let me know, since I haven't seen such an application yet.