I am making some application that will be largely user driven and of course that means their will be trouble makers who probably will enter fake data into it using swear words or worse change valid data to bad data(ie changing to swear words)
Of course measures will be taken to try to curb this but in the end of the day I want to have the option to ban someone from my application.
My first thought is ban their account by email address. I was also thinking that maybe on top of that ban their devices.
My questions is is what unique id can I use from their phone if they use
Andriod
Iphone
Blackberry
Windows Phone 7/8
and how unique is it? Can it be easily changed?
For Windows Phone you should be able to use DeviceExtendedProperties. Specifically the DeviceUniqueId property.
Be aware though that, as they say in that article, if you use a device id to ban a user, then any future user of that same device will be banned from your app, even if they've done nothing wrong.
There are 2 identifiers that can be used together to identify a specific device and user.
The DeviceUniqueId and WindowsLiveAnonymousId
the first one is the device, and as noted, anyone who uses the device after the banned user will also be banned.
The WindowsLiveAnonymousId is unique to the user. I have seen this same identifier across 3 separate devices and it is always the same for the users LiveId.
I use the following 2 methods to get these ids for identifying game players for leader-boards:
//Note: to get a result requires ID_CAP_IDENTITY_DEVICE
// to be added to the capabilities of the WMAppManifest
// this will then warn users in marketplace
public static byte[] GetDeviceUniqueId()
{
byte[] result = null;
object uniqueId;
if (DeviceExtendedProperties.TryGetValue("DeviceUniqueId", out uniqueId))
result = (byte[])uniqueId;
return result;
}
// NOTE: to get a result requires ID_CAP_IDENTITY_USER
// to be added to the capabilities of the WMAppManifest
// this will then warn users in marketplace
public static string GetWindowsLiveAnonymousId()
{
string result = String.Empty;
object anid;
if (UserExtendedProperties.TryGetValue("ANID", out anid))
{
if (anid != null && anid.ToString().Length >= (AnidLength + AnidOffset))
{
result = anid.ToString().Substring(AnidOffset, AnidLength);
}
}
return result;
}
They are used as such:
string deviceUniqueId = String.Empty;
for (int i = 0; i < GetDeviceUniqueId().GetLength(0); i++)
{
deviceUniqueId += GetDeviceUniqueId().GetValue(i);
}
DeviceUniqueIDTextBlock.Text = deviceUniqueId;
WindowsLiveAnonymousIDTextBlock.Text = GetWindowsLiveAnonymousId().ToString(CultureInfo.InvariantCulture);
I did a post last May about getting system info on WP7. This code is found here: http://www.adambenoit.com/applications/system-info-windows-phone/
Hope this helps.
All these devices have network interfaces with unique MAC addresses which by definition are constant - the MAC address is burned into the hardware and cannot be [easily] spoofed, especially on a mobile device. I would hash the MAC address and use that as the key. Pretty common practice on iOS once apple banned the use of UDIDs.
I would use the guid method. Though this can be circumvented by uninstalling and re-installing the app. Nothings perfect though
How to create a GUID/UUID using the iPhone SDK
How to get GUID in android?
How to create a GUID on Windows Phone
http://msdn.microsoft.com/en-us/library/system.guid.newguid(v=vs.95).aspx
How to create a GUID on Blackberry http://supportforums.blackberry.com/t5/Java-Development/how-to-generate-GUID/td-p/289947
Related
I have the need to detect a common factor between two apps, one written in Xamarin and one written in Java (Android Studio), running on a users phone.
In the good old days the IMEI did the job nicely. However now I am having to use the Device ID, which is fine for the current purpose, but not perfect.
Anyway, using the following statement in Xamarin gives one result, while using the statement that follows this in Android, gives a different result, both on the same phone.
Why would this be, why is the Device ID not reported as the same value, and is there a way to identify the DeviceID via both platforms that result in the same output ?
Thanks
Xamarin code - Result is "a70c996e74002942"
var Device_ID = Android.Provider.Settings.Secure.GetString(ContentResolver, Android.Provider.Settings.Secure.AndroidId);
Android Studio code - Result is "702669b2e9a6f7d1"
String Device_ID = Settings.Secure.getString(context.getContentResolver(), Settings.Secure.ANDROID_ID);
From the docs
unique to each combination of app-signing key, user, and device
For privacy reasons, two different apps on the same device will have different ids
I am trying to make an app which allows only single account per device. Now what I am trying to know is a property of a phone which never changes. At first I thought I could save MAC address of a device in my database but I read in one of the question on SO that know in android when we try to access MAC address programatically we get a constant that is same for every device.
I would like to know what never changing property of an android device can I access programatically.
Also in future I would like to develop that app for iOS, is there same non changing property of iOS phone that I can access programatically ?
Thank you.
For this purpose, you have to differentiate between devices.
For Android, you can use Device ID
For IOS, You can use vendor ID link.
For IOS : When your app deleted and reinstalled then vendor ID changes so it is better to store your vendor id in keychain using below code.
-(NSString *)getUniqueDeviceIdentifier
{
NSString *yourAppName=[[[NSBundle mainBundle] infoDictionary] objectForKey:(NSString*)kCFBundleNameKey];
NSString *applicationUUIDStr = [SSKeychain passwordForService:appName account:#“Your_App_Name”];
if (applicationUUIDStr == nil)
{
applicationUUIDStr = [[[UIDevice currentDevice] identifierForVendor] UUIDString];
[SSKeychain setPassword:strApplicationUUID forService:appName account:#"Your_App_Name"];
}
return applicationUUIDStr;
}
Im pretty sure these days you can use mac addresses, however if not have you tried IMEI, i have no idea how this would be done.
I'm currently planning on creating an app. Unfortunately the need for usercreation is there. I know users don't like goind through a registration process with opt in by email activation link click.
So I thought maybe using the apple/google id as a replacement for email address would be cool since the verification step by email can be dropped. In addition when the user changes his or her mail address that's no problem since his or her id doesn't change in this case.
I'm not really into this particular topic so I have some questions, any help is highly appreciated:
Is there any numeric/alphanumeric id anyway or is the google/apple id (i.e. the "username") the email address itself?
Is this possible in Android and Apple SDK (and Cordova in addition since I use this one)?
Is this a good idea in general or am I missing something?
Thanks in advance!
You could use the below DeviceIDs solutions as primary key for your users registrations. Look:
1 - Android
1.1 - Android Phones (With SIM chip) - For Android I use the Cordova SIM plugin. It generates uniqueIDs for devices based on SIM chip informations. So, you can manipulate your data based on the plugins return;
Link: https://github.com/pbakondy/cordova-plugin-sim
1.2 - Adroid Tablets - The plugin above is fantastic, but it does not work for devices that does not have any SIM chip. In this case, I use the following code:
if(mContext == null){
mContext = this.cordova.getActivity();
if(dialog == null){
dialog = new ProgressDialog(mContext);
}
}
String tabletID = Secure.getString(mContext.getContentResolver(), Secure.ANDROID_ID);
Conclusion: If you are developing only for phones (App projected for Mobile Phone) you should use the plugin. If your App targets Tablets or devices without SIM card, than you can take a look at the other solution. The IDs generated are "Devices ID", unique for each device.
2 - iOS
For iOS, I use the following code to generate an unique ID for each device:
NSString *uniqueIdentifier = [[[UIDevice currentDevice] identifierForVendor] UUIDString];
The only problem: When user uninstalls all Apps of your iTunes vendor ID from the device and installs any of them again, the ID will be changed. Other easy ways to get Unique ID for iOS is deprecated since version 7.0 of the system.
See more here: Device Id from an iphone app
I need to develop a webapp that needs to know the unique identifier (mac address, for example) of the smartphone that is using it. Most of the methods I'm looking at are cookie/IP based but this is not useful in my case scenario as I'm trying to match the use of a native Android app to the use of its counterpart webapp.
So, is this even possible? If it is, which technology should I use for the webapp development?
Thanks!
You could leave a UUID cookie with the user. When they hop on the app, check the UUID against your list of previous visitors. If you find it, they are not unique.
Edit: by cookie, I mean you could just leave a UUID string file on the user's sd card or store it in a preference of the app.
Presumably the application is installed from the Android Market, so you can't match a site cookie passed in the download URL (or, doubtless, that's exactly what you'd do).
That being the case, can you use URL rewriting? Or at least insert a unique ID into each access to your website, doubtless corresponding to a cookie. Then, when the user downloads the application and runs it the first time it can access the Browser history and look for this unique ID, store it (if it exists) and include it with subsequent server requests.
int occasions=0;
String sessionId = null;
while (cursor.moveToNext()) {
String urlVisited=cursor.getString(cursor.getColumnIndex(BookmarkColumns.URL));
Log.d("Match",urlVisited);
if (urlVisited.contains("www.mysite.com") && urlVisited.contains("MYUNIQUEID")) {
//There's a unique ID. Trim it out of the query string.
sessionId=urlVisited.substring(urlVisited.indexOf("MYUNIQUEID")+10);
if (sessionId.indexOf('&')>-1) {
sessionId=sessionId.substring(0,sessionId.indexOf('&'));
}
occasions++;
}
}
Log.d("Match","occasions="+occasions);
if (sessionId!=null) {
getSharedPreferences("com.mysite", MODE_PRIVATE).edit().putString("SITEID", sessionId);
}
This seems like a bit of a hack - possibly because it is - but it should work and I can't think of another sure way to link browser and custom client requests. Of course if the user cleans his history or cookies before downloading and running the application then the above will not work.
I hope that's of some help.
This question already has answers here:
Is there a unique Android device ID?
(54 answers)
Closed 7 years ago.
I would like to be able to generate unique serial numbers for each Android device for use in unlocking an application. How could I do this?
EDIT:
The reason is I want to revamp a paid application and provide users who have paid for the old version, which will have a different package name, a way to obtain the full version by downloading an unlockable free version of the application. I would push an update to the old version that would generate and display the code that they could enter to turn the Free version into a fully functional version.
You can use the Android id. This id should be unique to devices, but how it is set depends on the implementation of the device manufacturer.
String deviceId = Secure.getString(context.getContentResolver(),Secure.ANDROID_ID);
The Android Id may change on factory reset of the phone and the user is also able to change it on rooted phones. But if you need an id to identify your user it should be fine.
why not using ther google account name? is easy to get and needs only a simple request on the manifest file. they will have purchased the license with gplay, so the g+ account name should be enough...
in the manifest:
<manifest ... >
<uses-permission android:name="android.permission.GET_ACCOUNTS" />
...
</manifest>
to retrieve the account name:
AccountManager am = AccountManager.get(this); // "this" references the current Context
Account[] accounts = am.getAccountsByType("com.google");
to retrieve the name:
accounts[0].name
i write a simple alert to make me sure i have found an account here the whole code:
Account[] accounts = am.getAccountsByType("com.google");
AlertDialog.Builder miaAlert = new AlertDialog.Builder(this);
miaAlert.setTitle("i found an account name!");
miaAlert.setMessage(accounts[0].name);
AlertDialog alert = miaAlert.create();
alert.show();
Android already provides a licensing service for use by paid apps. Is there a reason you don't want to use this? Bear in mind that trying to lock your app to a particular phone is going to really annoy users who switch devices (Eg, all of them, sooner or later).
From Google Developer's solution in solving issue with PRNG, getting unique device serial number via reflection:
http://android-developers.blogspot.com/2013/08/some-securerandom-thoughts.html
/**
* Gets the hardware serial number of this device.
*
* #return serial number or {#code null} if not available.
*/
private static String getDeviceSerialNumber() {
// We're using the Reflection API because Build.SERIAL is only available
// since API Level 9 (Gingerbread, Android 2.3).
try {
return (String) Build.class.getField("SERIAL").get(null);
} catch (Exception ignored) {
return null;
}
}
You can use Serial Number as a unique Identifier as they are availbalble in all devices.You should not use IMEI as a unique identifier as they are not abalibale in WIFI Tabs(tabs that do not have SIM Card Slot).
You can use
try {
Class<?> c = Class.forName("android.os.SystemProperties");
Method get = c.getMethod("get", String.class, String.class);
serial = (String) get.invoke(c, "ril.serialnumber", "unknown");
} catch (Exception ignored) {
}
You can use the IMEI no for this.