As we all know that there are may options available to save the android app apk file.
so if the app is a paid app, it might become a risk for developer.
Could anyone here would be able to help me to know the best practice to be followed in order to prevent your android app from being copied by the app saver applications.
Thats where the Google Play Licencing service plays the role. Here is what is says " With Google Play Licensing, your application can query Google Play at run time to obtain the licensing status for the current user, then allow or disallow further use as appropriate." Check out this documentation for usage instruction Here
Related
I've created an application which only purpose is to download the real full-featured application from a server of mine, ask the user to accept the permissions and install it.
I know that there are some regulations for the Apple App store about this kind of "downloader" applications, so i was wondering if there is any sort of policy or term of use that might be violated if i decide to upload this app to the Google Play store.
Thanks
Check out: https://play.google.com/about/developer-content-policy.html
I believe what you are doing is ok, but would most likely be frowned upon by Google, as they want people to use the Play Store.
Quote from the article:
Malicious scripts and password phishing scams are also prohibited on
Google Play, as are apps that cause users to unknowingly download or
install apps from sources outside of Google Play.
As long as your are informing the user of the download, and not trying to make money, you're good.
I am trying to understand the Android Application Licensing. I read most of the documentation on the android website about this subject, but I'm still confused.
Here is my dilema:
I create an Android app and I'm deciding whether I want to release it as a paid app or in-app billing. Now, I'm currently looking into releasing the app as paid. My understanding is that I can submit the app to android google play ( or market) as paid and specify the price of the app and that's it.
However, I see that google provides the Application Licensing service which seems to allow Google to control a list of users who purchase the app and verify that the user has indeed paid for the app. Otherwise prevent users who have illegally installed the paid app on their devices if they didn't purchased it. Please correct me if I'm wrong so far.
Now, it seems that when the application is first executed, it will use Google's application licensing to check whether the user is authenticated. What will happen if the user does not have internet connectivity? Will the app still be able to launch or will the app require internet connectivity in order to run every time?
Thank you
Andy
Of course checking the license need internet connectivity.Android is doing this using the google play services client in your device.
But the decision making on allowing user access is given to us.We can implement the Policy interface, There we get two methods, processServerResponse() and allowAccess().
processServerResponse(), lets us to preprocess the response we got from licensing server like storing the licensing information locally etc.
allowAccess() decides whether to grant the user access to the application.In this method we can decide whether to allow the user access in case of no internet connectivity.(some policy like, user can gain access 5 times without internet connection etc.)
I have a simple question as to how can we prevent the user to share an apk file from his/her device to others.Like if i put a paid application in the market and a user downloads it . If its downloaded how can i be sure that he doesn't transfer the application to other or puts it in some third party market . I need to find some security measure to do it for my application.Is there any permissions that needs to be added or any third party security .
All the answers are appreciated.
As I came across this link. How can i prevent LVL
The Google Licensing Manager is what you should use which can be found at http://developer.android.com/google/play/licensing/index.html.
This uses some code that you can put at the start of your application that uses the licensing API to check that your app is licensed. This is done by checking that the account that the user is using on their device has paid for the app via Google Wallet and that a refund has not provided. If it is found to have been paid, then you can let the app run, otherwise you can display an error to the user informing them that it is not licensed. Most apps that do this provide a button that will launch the play store at your app to let them download the legit version.
This doesn't directly stop users copying the APK or publishing it on other markets but it ensures that app cannot be used unless has been purchased by the current user on the Google account they are using.
Although there may be ways to circumvent this check but this is probably the best and most reliable way.
Hope this helps.
You can do something like verify user on your server when app launched, but you cannot force user not to share .apk by technical means. Apk can be easily copied from non-rooted device, and there's absolutely impossible to prohibit user to copy .apk from rooted device even if Google adds some copy protection in future.
Suppose I have a wifi network with a walled garden that prevents users from accessing Internet unless an authentication procedure is performed via browser.
Suppose I have an application on Google Play that automates this process for inexperienced people. And suppose 95% of users are inexperienced and unwilling to perform SMS-OTP authentication on a site that is not optimized for mobile.
Scenario
A person asks a clerk how to connect to internet using Android. The clerk suggests the person to download the Android app, but the person responds he has no Internet access because he has no 3G data plan.
Possible workaround
The walled garden portal detects the device running Android by user agent and says: "Would you like to download an APK from our internal network without having to go to Google Play?". The user accepts, unlocks unknown sources and installs the app.
Question
In this scenario, if a user downloads an APK of a Google Play-available application, signed with same key, on his device, will the installed application be linked to Play and subject to updates? And I mean without using a Market linker app.
That's my old answer, don't read it, just skip to the edit portion:
Short answer is no!
I'm sure there're geeky ways around to link an app to its Google Play
variant, but your scenario of non-geeky customers I reckon the best
option is to program the network to allow Android mobile access
(checking the user agent) to play.google.com (maybe even from the
redirection website auto-launch the google play link direct to said
app).
edit:
I'm thinking a bit more on this problem and I would like to change my answer to "I don't know" (what a horrible answer). But I would like to propose a test that you can do it yourself.
The reason I'm changing the answer is because I remember now apps like Titanium and they do link the app to the Play whenever restoring a backup. Of course, Titanium needs root, but that's because it's messing with other apps, not its own.
So in light of what I discusse I'll suggest you a simple test:
build an app, anything, Hello world!
Upload this app to Google Play and make it active
Wait a few hours for Google servers to make it available
Manually flash the same build version (with exact same signing key, etc) to a device.
Reboot the device (to be sure the system will read through installed applications and do communication with Google Play)
Go to Google Play on the device and check if it shows the app
It's possible that the app have the same package name and signed with the same key, the Google Play on the device itself will recognise it as the same and link it.
I have an app that I want to market on google Play. Initially I want to charge a fixed price for the app.
I'm used to marketing apps on the Windows Phone Marketplace where a user simply has to pay to get the app - no "licensing" is necessary because the user can't get the app without paying for it.
I read the material about Google Play licensing and it seems to imply that unless I use the LVL, users can get ahold of my app for free. Is that right? On the other hand, if Google Play won't let them have the app without paying, why do I need to use licensing?
As the docs say, this is really to
verify that the current user did in fact pay for the application on Google Play
This is to combat piracy. Google Play won't give them the app without paying, but they might obtain the app from another source without paying and install it manually. This provides a runtime check.