I am looking for a Unique Information that differs for every Android Devices. I like to do it to serve as a security for my app to avoid it from spreading and being used by unwanted users other than those who i want to share my app with. I thought of the following and a problem:
IMEI = Not all of my Clients' Device has a SIM Slot, others have WiFi Tablets.
WiFi/BT MAC = It can easily be altered and changed to another Address using some MAC Changing Software.
Android ID = Given that it is a Unique information that is present among most Android Devices, i have read an article that discusses
about the bug that it resets upon factory reset.
So if there is any other idea that i can use as a protection, please refer it to me.
Settings.Secure#ANDROID_ID returns a unique 64 bit hex string for device
You can get it by:
import android.provider.Settings.Secure;
private String uniqueId = Secure.getString(getContext().getContentResolver(),
Secure.ANDROID_ID);
You are muddling up two concepts - devices and users. You state that you just want certain users to have access to your app, then ask for ways to limit it to certain devices, with the problems that many device identifiers can change over time. (There's a more fundamental problem than that - users will also change their devices over time as well!)
To limit to just certain users, you can use the Play Store Beta channel - and it's perfectly fine to do this without ever having a production (freely available) version
https://support.google.com/googleplay/android-developer/answer/3131213?hl=en
Related
I have an application in which I want to identify the device with Unique ID,
I have tried multiple solutions but doing after phone reset unique ID gets changed(like ANDROID_ID)
I have used below StackOverflow links which are not usable now.
Is there a unique Android device ID?,
How to get unique device numer in Android?,
Get Unique ID of Android Device?,
How to get unique device hardware id in Android?,
Get unique device ID in android
Android Q has restricted access for IMEI and serial number. It is available only for platforms and apps with special carrier permission. Also, permission READ_PRIVILEGED_PHONE_STATE is not available for non-platform apps.
Many people may mark this as duplicate but please note that
I am looking for a unique id that will last for a device. (which will not change even after resetting/formating the device)
It's not possible in latest Android versions by design to prevent apps from tracking devices due to privacy reasons. Especially if you want to track after a device factory reset as mentioned.
See Best Practices Guide
Recommendation is to use Advertising ID and not associate it with any hardware identifiers. You may identify the user account, but not the device itself. This allows the user to change the user account if they deem necessary or uninstall/reinstall the app at worst.
Play Store policy notes
Association with personally-identifiable information or other identifiers. The advertising identifier must not be connected to personally-identifiable information or associated with any persistent device identifier (for example: SSID, MAC address, IMEI, etc.) without explicit consent of the user.
Now, you may track a device as long as
you don't distribute your app via the play store (i.e sideloading, but you do risk getting booted if Play Protect on device may notice you. I can't remember the default setting, but if the device has play services, it may scan sideloaded apps and remove them if it finds malicious behavior.)
Use hardware identifiers on older versions of Android, (still subject to Play Protect, and also Play Store if you distribute through there) or force users to use a custom ROM
I am new to Android Development so i do not have much knowledge about the Android Unique Ids and whether Play Store will accept my app or ask for me to include any PP. Purpose of using this is to identifier that which user is interested in the promotions that i will provide in my App (For this purpose I have my own view similar to Admob banner).
Please let me know that how i can achieve this.
I use Settings.Secure.ANDROID_ID
A 64-bit number (as a hex string) that is randomly generated when the user first sets up the device and should remain constant for the lifetime of the user's device. The value may change if a factory reset is performed on the device.
android.provider.Settings.Secure.getString(
context.getContentResolver(), Settings.Secure.ANDROID_ID);
It gets reset if user performs factory reset of device.
What's the purpose of Android Development device id, under Developer Options on ICS? I've googled and found nothing.
The device id is yet another manner that your apps can be linked to your phone. Most apps are linked to your account, but some, particularly those that you could not pay for via market, used device id so that you could not buy an app and then install it on several devices.
It used to be hidden only, and maybe after the final is out, it will be hidden again.
for more information -
http://androidforums.com/motorola-droid-bionic/584694-ics-development-device-id.html
May be this will help you......
Every device has an android device ID, the only (user) way to reset this ID is to use android's reset to factory defaults options - so this ID should remain constant unless a phone is sold/transfers ownership etc. The ID should be unique across all devices across all time.
These properties make it a very useful thing to store licences/security against.
Is there any way to build application for a specific unique device?
Suppose I have one android device and I want to create an apk file for that device only, that apk can't be get installed on any another device, is it possible?
You can use the code in this answer to get the unique device ID.
However, you won't be able to use this to restrict Google Play to restrict your app to this device only, instead, as #ThomasK suggests, you can add a check for this specific device id and finish() if it's not the specific device.
You can limit your app installing from play in many ways, but you cannot restrict it to that extent at a configuration level.
No, you can't do that, Impossible
There are two chances for your purpose:
1st:
when the app starts (that means installing IS possible) you could get the MODEL of the device and if it is NOT the device you designed the app for, you could finish() the activity and the app.
getting the model:
String PhoneModel = android.os.Build.MODEL;
2nd:
Afaik there is a possibility to control what devices are forbidden for your app in the Google Play Store maybe there is not only a Blacklist, but a Whitelist for this?
that apk can't be get installed on any another device, is it possible?
I am not sure about this.But you can decide whether to Enable certain feature based on Device.
Like you can programatically check device wifi mac address which is unique to each device.
If it don't match your criteria don't enable the feature.
I have an app on the market. When you start playing your device id is linked to your account so you don't have to log in manually. For some time now a few people had a problem. They started logging in into different accounts. What seems to be the problem is that some devices give a null value when asked for device id. With a few accounts with a null device id, people were logging into different accounts.
I read that some devices will do that. But it seems that there was no problem during account creation and then playing for a while.
I know this is not the best method and google discourages using device ids since they can change on fabric reset.
Can a device for some reason stop giving its id(besides the fabric reset)?
Anyone know of a different way to identify the user with out him needing to put in a login or password?
Yes some phones have bugs in them where they will return NULL for Android ID. I think if you want to continue to use them you'll always need a way to tie that handset to an account, email, username. That way if the Android ID is unrecognized they could login using their email or username, and password to associate them again. You'll always have issues where someone buys a new phone and needs a way recover their account if you don't.
A better option is every Android phone is attached to a Google account. And using the AccountManager class you can use those credentials to authenticate to your software automatically and the user doesn't have to enter username/password. And you'e centralized their identity. Also with this method you don't require the extra permissions to read data that has potential security issues too.
You could create a random UUID after the user has installed your app.
Do not use hardware ids, because not every type of hardware is found in every type of Android device. Another reason not to use them is, if someone sells his phone, the user changes but the device id not! This has serious privacy and usability implications you do not want to have.
See the talk Android Protips (from google io 2011). Tune in at 15:00 to see more reasons and a detailed descriptions on how to use random UUIDs for your usecase.
I am facing the same problem In my case when first install the app it is giving null id . but after that it is giving me all three IMEI, ANDROID_ID and deviceID.
BTW, you can find the ways to identify the devices here
http://innovator.samsungmobile.com/cms/cnts/knowledge.detail.view.do?platformId=1&cntsId=9640
Also some research prototypes try to prevent phones from collecting this information.