I have a question on the apk distribution. We all know that we can distribute apks through bluetooth, emails etc.
Now, when I download any apk from the google play, the app gets installed and that we cannot share it by using the licensing policies.
I have my apk on a website. I want the same thing. I want fresh installs from the website also. The app should not shared with any1.
Is there any way to this? Any suggestions on how to do this?
As I said in comment, You can not stop users to forward your apk if they have them in storage, what you can do is to delete it after your app installed, but it can be shared before installing.
and there are tools/apps exist in market which claim to convert installed app into apk, and then it can be forwarded to other device.
Similar question on Forward locking of apk
Edit :- though you can not stop user to forwarding of your apk, But can stop other user to use it, if they receive this app from other sources then your web, as I myself did it earlier, by client server communication where a key is getting generated on Server based on mobile IMEI, so this app is going to be activated for particular mobile based on IMEI number. hence if other users try to use it you can check if this IMEI is register or not, and take action accordingly.
Related
I want to sell custom apps so I need to know how I can privately publish them over the net without giving away apk file.
Is there a way that I can give the customer a password that he/she will use to install the app only once from a website
without getting the apk file? After the installation the access to the download should be cancelled.
You cannot install apps without using an APK file, unless the target device is rooted.
Even Google Play downloads APK files for applications. They are stored in /cache/download, which can only be browsed with root access. Once downloaded, they get installed in /data/app, which also requires root access to read.
Google Play alpha/beta testing
What you could do, as a workaround, is use the Google Play alpha/beta testing feature with a private Google+ Community. This will allow you to control who is able to download your application through Google Play, but it will not prevent them from rooting their device, and retrieving the apk.
You will get all the benefits of Google Play, and your customers wont notice any difference, once they've joined the Google+ Community.
Use alpha/beta testing & stages rollouts
The only thing i can think of is have the first activity that starts up create a large random string from the device's id and then send that string to your server ( assuming you have one ). If this is the first time your server receives a code for this app, let them in and store the code, then return a response of "OK" to your app, if its not the first time, check if this is the code you stored previously, if not return "NO", if it is the right code return "OK". then have your app shut down if it doesn't receive "OK" back from your server. This of course adds extra cost and requirements to your app...
If they have to install it on their devices, they have the apk already, and there is no need to root access though, you can retrieve the apk with ES File Explorer in a second. What is your concerns, your codes? Or something else?
I am new to android. I have a application to make where in i have to restrict the application's .apk file getting shared by the user to the other phone android phone holders.
Its like if i keep my .apk file in my own website then i want that the user can download the .apk from my website the cannot share the same .apk with some other person. I want to restrict the sharing of the apk to multiple phones. Everytime a user wants to install the app he/she has to install if from the play or through my website but the .apk shared cannot to installed.
Also i wanted to ask if we can distinguish whether the app is distributed and installed or installed from the play.
So can you please tell me some way out for doing this?
Thanks in advance
1) You can not stop users to forward your apk if they have apk in storage, what you can do is to delete it after your app installed(you should search it via some api and if found delete it), Limitation :- apk can be shared before installing.
and there are tools/apps exist in market which claim to convert installed app into apk, and then it can be forwarded to other device.
Similar question on Forward locking of apk
2) Though you can not stop user to forwarding of your apk, But can stop other user to use it, if they receive this app from other sources then your web, as I myself did it earlier, by client server communication where a key is getting generated on Server based on mobile IMEI, so this app is going to be activated for particular mobile based on IMEI number. hence if other users try to use it you can check if this IMEI is register or not, and take action accordingly.
Unless a user uses a USB cable/Astro file manager like utility, on a ROOTED phone, he wont be able to extract the apk out and transfer to another phone. And the percentage of users knowing how to root a device is very low. So this issue should not arise.
Even if it is assumed a user can very easily extract an apk (which a general user wont be able to), the problem whittles down to generating a unique identifier string on each apk, and then packing it within this apk. Now when it is extracted and installed on another device the app can check with identifier and close after displaying a "no-copying" message.
Note that the identifier should be tied to a unique string, say the device IMSI number, or phone number, or a combination of both. And this string needs to be written to a file that is transferred over when apk is copied, I would recommend a properties file in assets folder within the apk for this. Hope this helps
if somehow we manage to attach the app data folder with that APK.file of that app, then our problem will rectified easily. like if you send the folder of the app to someone then app will automatically loads your data to the other user. if he can't separate that two things (apk. file of APP and data folder of the APP).
Hope it will help you...and me too..
I am planning to drop my app in Google Play(earlier Android Market) because of push notifications (whenever a new version) , security for apk and so on.And also since apk is secured with Google play(paid apks) i dropped of downloading the apk from my website (only authenticated people can download the apk)
Actually its a business app for particular users with username and login access. Everything was fine in the App with login and security mechanisms
I am thinking of a way to restrict the other users who are not from the list while installing itself.
My question is whether any kind of filter or authentication mechanism can we set while downloading the application from the Google play it should ask for a password or something like this to filter the unauthorized users to download the app..
My ultimate aim is i don't want the peoples to try it after downloading unnecessarily
Can anybody help who have tried all those in android market
Ok.. One thing after another..
Google propose their licensing mechanism. However app would need internet connection, which is disadvantage if otherwise it doesn't need it. If I got it right your does need to connect to server so this is not a problem for u.. It seems to me you are already familiar with this method.
Mechanism for password protecting downloading or visibility of apps on Google Play doesn't exist today..
You can identify users with IMEI (in case you don't consider using app on tablets, which doesn't have it), WLAN MAC, BT MAC address or some exotic combination of these methods, and you use this as authentication.
The best solution, from my point of view, is to allow people on market to download it. Your application is already using some mechanism of authentication (user/password) to server. So if 1st thing user need to do is login, and any functionality is disabled if that doesn't pass. If it pass, you already know who is your user and what privileges he has.
The thing is here that I am not so sure what are your concerns when user without login/pass download application if everything after that screen is disabled before authentication. User will download (if they find it..), they will install, try to use it, see that's not possible without credentials and uninstall it.
Hope it helped.. I will try to add few more links in a while..
I am developing an Android application, and common users have to pay for it. But, I want to offer that application for free to my webpage users. I have a login in that webpage, so I can control what users access to the application. So the question is:
If I put the .apk into the private zone of my webpage, and users access it through the mobile, Do they download the application and can distribute it, or it just get installed on the phone?
And what if they access by PC?
Is there any way to avoid the download of the file, and just install it on the phone?
I fear installing without downloading is not possible, maybe you shoud think about a second version which needs a key (e.g. created by the device ID and a secret Prefix.
User is downloading your apk
User get the message he needs to register
User send his Device ID to yor Webpage (and have to login before)
Your Website create a hashkey with the device ID and a secret password
The Application stored the key in the Preferences and will check at startup, if the stored key fit to the Device ID/password Hash.
If you let some download your apk, then it just get downloaded. Users will have to install it manually and what is worse, they won't get updates through the common android market mechanism.
if they have rooted phone then they can do anything with your apk. there is no security in android even you can get the source code of an app.
in your case the only way is to implement certificates.
My android app is not in the app store yet.
Is it possible to send my app to someone, and they install it on their device.
Something like iphone AdHoc?
You can email them your APK. Of course, there are several drawbacks to doing this.
There is not any built in copy protection to lock an APK to a single device so a tester could redistribute your application without your consent. This is something that you will need to deal with even once you are using Market to distribute your application. If you select "Copy Protection On", people will still be able to get at your APK as many people have rooted devices and all this option does is influence where the APK is installed. Google advises, "you may also implement your own copy protection scheme" and I think it's prudent.
Add the READ_PHONE_STATE permission to your manifest so you can retrieve the phone's IMEI, send to your server, and determine if a user should be allowed to run your application.
TelephonyManager telephonyManager =
(TelephonyManager)getSystemService(TELEPHONY_SERVICE);
String imei = telephonyManager.getDeviceId();
Your testers will need to enable "Unknown sources" to allow install of non-Market applications.
Assuming your tester uses Google as their email provider, it is important to note that the Android GMail application doesn't handle APK attachments properly. While this might confuse the recipient of your email, there are easy work-arounds:
Tell them to use the Browser app to download your attachment through the web interface.
Have them download APKatcher first.
Starting in May 2013, Google added Beta and Alpha programs to the Developer Console. You can now upload an APK to either channel and interested users (or users belonging to the specified Google+ Communities or Groups) can now get the application from the Market just like a regular app.
Users cannot provide public feedback so you have to provide them an alternative way to contact you.
At any given time, you can promote (or demote) an app to/from beta/alpha or even Production.
Here's how mine looks:
Effective beta apk distribution, getting crashes as well as feedback from early adopter is known problem in android community. To solve this problem we built a platform Zubhium for developers by developers.
Just upload apk and email address of users whom you want to distribute beta , and click send. That's it . :)
Platform will invite users and keep a track of who, when and where downloaded, Also it will followup with users who downloaded beta for feedback. You can view , reply , communicate back with users from platform.
Optionally you can integrate crash reporting services to get crashes during beta. It will provide granular details like network, device info with exception details. It does bunch of other stuff also.
Have look at www.zubhium.com
There's already an accepted answer three years ago, but let me share a simpler way to deploy your app in present: DeployGate.
With DeployGate, you can deploy your app to your own (or your colleague's) device, in a matter of seconds. All you have to do is uploading your APK file, then send a link or scan a QR code (two-dimensional barcode) with the device. To update, just upload the app again then it will be pushed to all installed devices.
It's carefully designed to eliminate waste in your daily development. The agent app will guides you and/or your colleagues throughout the app installation process, so you can avoid almost all problems you might face, especially if they are non-tech guys. You can even shortcut typing email address and password to associate an account with your devices, just click a button shown on the browser instead. If you want, you can also catch app crashes with a single line of code integration. It magically works to help you keeping your focus on development.
Disclaimer: I'm working on this product. :)
Is it possible to send my app to
someone, and they install it on their
device
Yes, of course. You can share the APK with other people and they can install the application. It's not necessary for the app to be in the Market.
Yes. Upload it to a website or email the ".apk" file to your friend. Have your friend make sure that the option to allow for "Unknown Sources" on the device is checked (Settings > Applications > Unknown Sources). When your friend downloads the application on their device and clicks to run it, it will be installed and should appear in the applications menu ready to be executed.
Dropbox also works (from this answer).
I used it with an .apk file signed with eclipse's debug certificate. You can find this file in your eclipse project's bin folder (from this answer).
You could also user TestFlight that should perfectly fit your needs, for free!