Is it possible to get a device's telephony ID, MAC Address, serial number, and/or Android ID through a mobile website?
That is, not through a downloadable app, but through a link that the user goes to in the browser on their mobile device?
If so, how?
No, this is not possible. Even for native apps, device identity information is safeguarded behind the READ_PHONE_STATE permission.
As websites cannot request permissions, you cannot retrieve this information outside of an app.
You said you need a unique(ish) ID on a website.
Look into UserAgents: http://en.wikipedia.org/wiki/User_agent which will tell you what kind of device/browser is viewing your webpage
And you can also retrieve the IP address of the user, which may change in future requests to your website.
You could also attempt to store a cookie, but the user may delete their cookies at any time.
For specifics on how to get these, it depends on what your web site is built with.
Related
Sadly I know little to nothing about mobile app development and I am tasked with thinking through privacy considerations a user could have when using a mobile website vs its app equivalent.
For example, when a user browses our mobile website we can collect the following data:
IP
User agent
OS information returned from Javascript, including screen resolution
Cookies from the domain
Of course, this list isn't exhaustive.
So what can easily be collected from a user of a mobile app? (assuming no extra permissions were enabled)
IP
What's the equivalent of a user agent?
What OS/device info is available?
Do apps have "cookies"?
What else?
APMK, we can Collect the below data
Device location.
Device Name.
Device Version.
OS (Android/iOS/Windows)
Cooikes if we are using webview ..etc
I think your question requires more clarifications and answer to the following questions:
Do you have access to the source code ? If yes, you can track basically anything that's in the app using 3rd party tracking services like Google Analytics or other similar stuffs (even your own implementation). If not, do you have access to the API that's used by the application ? If yes, you can probably detect the OS since almost all request have a User-Agent attached to them, platform specific, but from the API requests you can't have much info.
I think the problem should be put the other way around, what do you want to track from a mobile app ? And I can tell you from my experience that there's almost nothing that can't be tracked from mobile apps if you have access to the source code. Regarding the permissions, off-course you won't be able to access something for which you didn't request any permissions, but you can check if the permission is granted anyway (maybe some other part of your app requested those permissions).
Also just a reminder, if you develop apps for EU, make sure you're GDPR compliant, the sanctions can be quite huge for a non-GDPR compliant app.
Yes there is an App where you can find all the info of the Particular info https://play.google.com/store/apps/details?id=com.quixom.deviceinfo
Check it out
I am new to android development so I need a little help.
In my app users can vote for posts but I don't want to make them register because app is very simple and that would be overkill. I want some another way to restrict users so they vote just once. If the method is not very accurate I don't care. In web development it's usually done using IP, is it the same for mobile apps?
Appreciate your help very much.
Every mobile device has a unique id which is called device id. you can use device id to restrict users or another option is to get the device MAC address of the device. MAC address is also unique so you can easily use it restrict users.
You can use an IP but for mobile users that won't work very well because their IP's are always changing. An easy way to do it would be to generate a guid in the app, and save it somewhere permanent (like the app settings). Then whenever you need to id the user just submit that guid to your webservice or whatever you are using. This is an anonymous id that you can then check against etc..
I am making a webapp which will coordinate with an iOS and Android application. There will be a two types of accounts. One will be primarily on the website and the other will be primarily on the Android or iOS app. This question may be too broad, but I'm looking for an authentication pattern which will work for this setup and make sure that the right web account is pairing with the right mobile account. Here's what I've got so far and am hoping you can provide some feedback...
When a mobile app is installed, it will reach out to the server with information such as name and phone number to which a UUID will be returned.
If the web account wants to link with a mobile account, the web account must enter the phone number of the mobile app they want to link to. The server then sends a message to the mobile device so that user can confirm the pairing.
Are there drawbacks to basing the account id on a phone number? Is there a better way to do such two factor authentication? Sorry if this is too vague or undirected and thanks for any help!
Phone number is a bad UUID because there is no way to get the phone number. Other than asking the user. Not reliably. Also, some devices allow dual sims (home and work) and thus would have multiple phone numbers.
A better way is to use the android device id. But even that isn't that great- I could write an app that calls your service with whatever id I want. There's a reason RSA keys use a cryptographic token that changes every minute- it requires you not only to know the id, but to know what the id is now. Otherwise you'd just need to have found out the secret id once and you're in for life.
Is it possible to create android app to find map location using Mobile Number. As soon as the mobile number is entered the app prompts the user of that mobile number to allow access for finding his location.
If yes please suggest the possible ways of creating apps.
Thanks in advance
You can't get exact location from mobile number, because it is subject to mobile security that harm the government policy.
But you can get state name from mobile number, as i have seen on website so that using a web service and some another way we can access that data. Just check out this link.
What kind of access you can ask from just a mobile number? Ofcourse you can make a call to user's mobile by asking him/her for that, and then further more you can ask user to speak his/her location which you can parse at your end. Other than this I am not able imagine any permission. Also as #milind pointed out, you can guess few things like network provider and area from the mobile number, as they are allocated in a pattern. There are few vendors who provide this API as a service, one of them is Mobile Number Tracker.
Following is the scenario:
I have an web application accessible via mobile browser.
I need to detect a mobile device IMEI and sim IMSI whenever an user clicks on link in my app page accessible via web browser. This is to track the same device with same SIM and provide him/her next level of access. User cannot be tracked using loginid as there is no user login kind of option in my page.
The question is how to get unique device id/sim id via mobile browser for a specific mobile device.
For now I am focusing on android based mobile devices. But the target is to make it generic to devices.
Focus of most of the ideas is, what is the kind of access a browser has over the phone and its app?
From a browser link we can open a local app in the following way:
Get Details
here productcateory will uniquely identify a local app and invoke it. But its one way communication. How to get back some response from the point of invocation and populate some hidden form field dynamically.
Via webpage scripts we can store some data locally at client machine and retrieve it later. but the scope is limited and it is no way connected to IMEI or IMSI number.
Is there a way to get a hook to mobile browser app(remember it's like any other mobile application) from the webpage and get the id details via scripts in my page?
Is there any option that html5 provides in this regard? I know there is a localstorage tag in HTML5 and one can store an id in the client location and retrieve it later. But this is limited to the same device and same mobile browser and also this is a different solution to get the imei/imsi number
Let me know if there is any other option without asking user to installing a local app or browser plugin on the device?
~inkriti
For very good reasons it is impossible for the web browser to access the IMEI or IMSI numbers of a mobile phone, without some dastardly hacking that the dev teams hadn't expected.
Also the android browser doesn't support plugins.
Your only option is to create a native app. This answer has some info that will be useful to you: Programmatically obtain the phone number of the Android phone. Its not a perfect solution however.
I would also ask why you want access to the users phone number? If its just to track session just use javascript to generate a unique id and store it in a cookie.
The original issue is probably closed, however for future reference of anyone (like myself) that comes across this question would be something like 2-factor registration with confirmation via text. The closest to getting an IMEI (impossible without native apps) would be to get the user to register and include a text confirmation - the mobile phone number in most cases will be unique, only non-unique when changing devices, and some assumptions can be made from the client-side to guess what device they have, you could even go a step further and ask them to identify the make/os of their device if you were that concerned about unique-ness. However in most use-cases a mobile number confirmation will do the job
The only reliable way is to write an app and have it send a SMS and then track the number on that end; assuming the subscriber has SMS/text service enabled. This won't work on non-phones (tablets).
It is not important, nor is it necessary and it is probably illegal to track the device (IMEI); simply track the subscriber.