I am developing a customer care android application. The client want that only the customer care application should be installed in the Android phone and we should prevent installation of other application. Is there any hack we can do to do that?
Is there any hack we can do to do that?
Fortunately, not from a standard SDK app -- the technical term for this would be "malware".
As the comments to your question indicate, you are welcome to root the device, remove the Google Play Store client (if it exists), and disable the ability to install from non-Play sources by adjusting the secure settings. However, I suspect that this will prevent you from updating your own app without rooting.
Related
On Android can users choose to install any apps permanently?
And if so how does this work? I know when you first get an Android there are pre-installed apps that are permanent and you cant uninstall them but is there anyway in which we can permanently install apps ourselves?
What you're looking for is a 'system app'.
The apps installed on your Android devices can be broadly categorized as system apps or user apps, based on their installation location. The user apps are just all your normal app installations through the Google Play Store, Amazon Appstore or sideloading. These go into the /data partition of your Android phone, which is the part of the internal memory made available for user data and apps.
System apps are basically the apps that come pre-installed with your ROM. In a standard Android user environment, the user doesn’t have write access to the /system partition and thus, installing or uninstalling system apps directly isn’t possible. The process isn’t as hard as it may sound. However, there is a catch.
In order to install an app as a system app on your Android device, your device must either be _root_ed, or have a custom recovery installed (or both).
Here's how to install an app as a system app
By permanantly, I assume installing them as System Apps.
For that, you might need to root your phone. Google "installing android app as system app" and you will get a lot of answers. This is one sample
As the question is generic, so I am not adding the steps.
Easy way- If you don't uninstall an app, it will stay there permanantly. In addition, you can use additional security for preventing accidental uninstallation.
I port my android apps for making bb10 builds . Since now from bb10.2.1 update blackberry has introduced a new concept wherein apk's can be directly installed and can be installed in BB10 devices if the manage apps in settings menu of the phone is made ON. My question is that I wanna restrict my users from doing so and not installing the apk's into bb10 . And take download my app only from appworld.
Has anyone faced and has fixed this issue kindly tell me on how to solve the same.
Based on the Android behaviour, I don't think you can restrict users from doing so.
I haven't tried it on BlackBerry but from what you say, that option sounds analogue to the Unknown sources setting under Security settings on Android. If the user enables the installation of applications from unknown sources on their phone, there is now way to prevent the direct install of the apk (by adding something to your apk or any other way).
There is no way to restrict it to BlackBerry World only. If they get the APK, they can load it directly this way. There may be other ways around it though.
If, for example, your app is for sale and people are side loading a pirated copy, you could change your app to be free, and put some advanced functionality in your app behind an in-app purchase. That way they'll be forced to go through the storefront at some point to pay. This takes bigger changes to your app though, and the IAP implementation is likely different between BBW and GPlay.
You could also put in a version check: when your app launches, it checks a special file on your web server to see what the latest version of the app is. If they don't have the latest version, it doesn't let them use the app until they upgrade. This won't prevent side loading or piracy outright, but you can put out updates often enough to make side loading very annoying. When they are roadblocked and told to get the new version, you can link directly to the storefront to encourage them to get the latest version there.
Thirdly, and lastly, if you port your app to a BlackBerry 10 native, cascades, or WebWorks app, the app file is fully protected and can't be pirated or extracted from BlackBerry World (since the platform is secure). That will 100% protect you from piracy on BlackBerry 10.
I hope this helps!
Does anybody has the Idea of making an android app undeletable.I want to install selected apps on the system memory so that anyone having an access to my phone cannot delete those apps even after resetting the phone...
What I earlier saw was that the apps installed on the system memory cannot be changed or modified by ordinary users...I tried resetting my phone but saw some apps preinstalled from the company remained and all the apps that were downloaded from the play store were deleted..
The answer I got from searching the web was that I could make install an Android app to the system memory...does it make the app undeletable even after resetting or formatting the phone?
You can achieve this by making your application by Developing a Device Administration Application, follow this link http://developer.android.com/guide/topics/admin/device-admin.html.
you could only do this if you root your phone and place the apps inside system/apps.
However, if this is about your phone, why don't you use a password protector for apps, so nobody can access the app manager?
Removing a users choice to uninstall your app, goes against everything most programmers strive for. It's probably against the Google T&Cs also. And as already said, other than Malware or some dodgy virus attempt, there would be no practical (ethical) use for such an app, IMO.
I'm currently developing a small Android app that will not be on the Play Store. It is a private business application that will be used for a non-emergency transport company. The Android app will show drivers a list of pickups and drop-offs that they will have throughout the day and allow them to update the status of those trips. What I'd like to do is have some method of updating the app during off hours or when the device is idle. Ideally, it would be great if someone has already written some kind of Android updater that can run as a service. However, I certainly wouldn't mind writing this on my own.
Either way, all it needs to do is pull an APK from our servers and install that APK. I usually don't like doing things sneaky like this, but our clients want it to be this way so that they won't have to go to each device and press OK on permission prompts and they don't want to leave the responsibility of updating the software to the drivers.
I understand the security concerns, but it seems to me that there should be some way to allow an app to auto-update itself if the user permits it. Also, our app is signed and includes a certificate on the device to verify that the downloaded app is legit.
As CommonsWare mentioned it's not supported by standard android. If you take the path of creating your own firmware and installer take a look at the existing PackageInstaller. The required changes are not so complicated.
I did it for a couple of custom versions and it works.
Either way, all it needs to do is pull an APK from our servers and install that APK. I usually don't like doing things sneaky like this, but our clients want it to be this way so that they won't have to go to each device and press OK on permission prompts and they don't want to leave the responsibility of updating the software to the drivers.
This is not possible, except via custom firmware or on a rooted device.
it seems to me that there should be some way to allow an app to auto-update itself if the user permits it.
You are welcome to build your own customized version of Android that has this capability. Stock Android does not offer this, except to the firmware itself.
A company asked me if I am able to program an Android-App for their internal process but with small mobile-device-management capabilites. I'm aware of the "enable manual apk-installation"-checkbox inside of the Android-Settings-Menu. I think it opens additional security holes if it is permanently checked.
So easiset way is to send a SMS with an URL to this APK, enable checkbox, install the update and disable checkbox manually. A lot to do, to update a program.
Coming from Windows Mobile and Symbian I was able to program a Facade.exe which starts a download and replaces some signed parts. The Application signing of Windows Mobile and Symbian allows this.
Is this possible with Android(not rooted)? I read some articles that it is possible to implement own Markets(like Amazon is doing it). Is it possible to use some of those APIs for the purpose of doing an auto-update. Where are thoes APIs, I am not able to find them.
Is this a solution:
Programming a torch-app(there are thousands around), publishing it to the android market. But with a small button to activate the whole application with a secret password. Updates can be rolled out via android market functionality.
A complete MDM (mobile device management) is overkill.
Is this possible with Android(not rooted)?
Not readily. You can use the techniques used by the Sideload Wonder Machine, extracting the requisite bits out of the SDK to do sideloads via USB. However:
Your Facade.exe implies the user runs Windows.
This implies that the user has the adb drivers for their device for Windows.
Neither of those are guaranteed.
I read some articles that it is possible to implement own Markets(like Amazon is doing it). Is it possible to use some of those APIs for the purpose of doing an auto-update.
You can download whatever you want, such as an APK. You can tell Android to VIEW whatever you want, such as your APK. If you VIEW an APK (and have the right MIME type in your Intent), that will trigger an install or update. The user will be prompted about the install or update -- on an install, for example, it will give them the screen listing all the requested permissions.