I have an Android app that I need to license per device (lifetime), meaning the app should be licensed for the device itself, independent of the user account. If I use a one-time in-app product for licensing, the user cannot purchase a license for another device. They receive a message like "You already own this item," and they can use the app on multiple devices with the same Google account as long as they are signed in.
To address this, I implemented consumable purchases, which work perfectly. However, I now need to maintain the license records on my own server. This is fine, but I’m facing an issue with identifying the device uniquely.
I’m currently using the following method to fetch a device ID:
private String fetchDeviceId() {
return Settings.Secure.getString(getContentResolver(), Settings.Secure.ANDROID_ID);
}
If I use the ANDROID_ID to register the device on my server, the problem arises when the user resets their device to factory settings. The ANDROID_ID changes, and the records I’ve stored become meaningless. The device is then treated as unlicensed, and the user has to purchase a license again.
If I try to use Build.getSerial() to get the device’s serial number, I run into issues on Android 10 and above. This method requires the READ_PRIVILEGED_PHONE_STATE permission, which is only available to system apps or apps signed by the device manufacturer/operator.
My question is: Is there a Google Console licensing policy or a device-based method (that doesn’t require being a system app or manufacturer/operator-signed) to solve this problem?
I’ve seen many questions and answers on Stack Overflow about this, but none provided a solution that works for me. However, I believe there are many developers like me who want to implement device-based licensing, and this is a problem that Google should address (or may have already addressed).
In summary: How can I license my app per device (independent of the user account) in a way that persists even after a factory reset?
Additional Context: I’m aware of the limitations with ANDROID_ID and Build.getSerial().
I’m looking for a solution that doesn’t require being a system app or manufacturer/operator-signed.
I’m open to using Google Play Billing or any other Google-provided solution, but I need it to work on a per-device basis.
I have an Android app that I need to license per device (lifetime), meaning the app should be licensed for the device itself, independent of the user account. If I use a one-time in-app product for licensing, the user cannot purchase a license for another device. They receive a message like "You already own this item," and they can use the app on multiple devices with the same Google account as long as they are signed in.
To address this, I implemented consumable purchases, which work perfectly. However, I now need to maintain the license records on my own server. This is fine, but I’m facing an issue with identifying the device uniquely.
I’m currently using the following method to fetch a device ID:
private String fetchDeviceId() {
return Settings.Secure.getString(getContentResolver(), Settings.Secure.ANDROID_ID);
}
If I use the ANDROID_ID to register the device on my server, the problem arises when the user resets their device to factory settings. The ANDROID_ID changes, and the records I’ve stored become meaningless. The device is then treated as unlicensed, and the user has to purchase a license again.
If I try to use Build.getSerial() to get the device’s serial number, I run into issues on Android 10 and above. This method requires the READ_PRIVILEGED_PHONE_STATE permission, which is only available to system apps or apps signed by the device manufacturer/operator.
My question is: Is there a Google Console licensing policy or a device-based method (that doesn’t require being a system app or manufacturer/operator-signed) to solve this problem?
I’ve seen many questions and answers on Stack Overflow about this, but none provided a solution that works for me. However, I believe there are many developers like me who want to implement device-based licensing, and this is a problem that Google should address (or may have already addressed).
In summary: How can I license my app per device (independent of the user account) in a way that persists even after a factory reset?
Additional Context: I’m aware of the limitations with ANDROID_ID and Build.getSerial().
I’m looking for a solution that doesn’t require being a system app or manufacturer/operator-signed.
I’m open to using Google Play Billing or any other Google-provided solution, but I need it to work on a per-device basis.
Share Improve this question edited Mar 24 at 0:46 Hilory 2,1417 gold badges14 silver badges30 bronze badges asked Mar 23 at 22:31 poison pawnpoison pawn 516 bronze badges 1
- 1 Did you get a chance to read the Device identifier changes blog post which states that it is intentional that device-scoped identifiers that are not resettable are limited access? – ianhanniballake Commented Mar 23 at 23:23
1 Answer
Reset to default 2There are no ids that persist across device reset, on purpose. Thus there is no way to reliably do what you want. And if you do find something, expect it to be patched away in a later Android version. This is to protect user privacy, and prevent problems when devices are sold, repurposed, traded in, etc. Which happens a lot and basing anything on a device id can cause major privacy issues due to it. Whereas factory resets almost never happen.
Your best solution is non-technical. Have the device create a UUID on installation. Register that UUID with the server when they pay for a license. When they attempt to log in, send that UUID, and make sure its in the DB. That's sufficient for the non-reset case.
For the reset case- just don't allow it. Make them either buy another license, or email your customer support. You can then manually make an exception and give them a free license if you see they've already paid for one in the last N years (where N is the reasonable lifetime of a device). Write a note in your CRM to show that you did it, and don't give them more than one or two in that time period.
Will you have a couple of cheaters? Sure. But it will be a tiny fraction of sales, and since a technical solution isn't possible this is your best way forward- and cheaper than spending a lot of time trying to hack something in that ends up not quite working in the end (or ends up exposing other people's data because of the inaccuracies of using device ids to represent people, and opens you up to liability issues for leaking private data).
发布者:admin,转转请注明出处:http://www.yc00.com/questions/1744266428a4565886.html
评论列表(0条)