4

Possible Duplicate:
How to know an application is installed from google play or side-load?

We have an application that is portable between several mobile platforms. It provides it's own update mechanism that is needed to fetch the rather large data the application uses. Now this mechanism can also download updated versions of the application. If the user manually installed an .apk, we would like to ship new version to them via this mechanism, but if they installed it from android market (or any other market), the market application will take care of the upgrade and doing it ourselves would conflict with it.

So is it possible to detect, from within the application, whether the application was installed via market or not?

Community
  • 1
  • 1
Jan Hudec
  • 73,652
  • 13
  • 125
  • 172

1 Answers1

7

When installed from Google Play, you will receive a com.android.vending.INSTALL_REFERRER broadcast during the install process. Simply create a broadcast receiver for this, and have a boolean value in your SharedPreferences along the lines of fromGooglePlay, which you can set to true in the receiver.

However, I do not think you can have similar receivers for other app stores, like Amazon's.

EDIT 1:

As @zapl pointed out in the comments, this will not work on Android 3.0 and above, as apps that have not been launched at least once are not eligible to receive broadcasts etc.

However, you can try an alternate solution:

In you app, have a constant boolean somewhere, something like GOOGLE_PLAY_BUILD. When building an apk for Google Play, set this to true, and when building an apk for manual distribution, set this to false. Then simply check it's value at runtime, and act accordingly.

EDIT 2:

To address your concerns about rooted devices distributing your apps, here is a more elaborate system.

Each device has a unique ANDROID_ID (though apparently multi users on 4.2 have multiple ones, despite what the documentation says). Essentially you just need a unique device ID, so even a MAC address will do.

Have a table on a webserver to store the unique ID, whether or not you received the Google Play broadcast and the value of the Google Play flag. When the app is launched for the first time, add these details for that device to the table.

When the app is launched thereafter, simply check if all three of the details match a copy stored locally. If a user gets the app from a rooted user and installs the it, the Google Play flag will seem to match, however the install referrer part won't. Sadly, this will only work on pre honeycomb devices.

Or in a slightly trust based system, you could simply ask the user whether they installed it manually or from Google Play. If you mention it's to select the update method, and not to prosecute them for installing it from outside Google Play, I have a feeling they'll be happy to tell the truth.

EDIT 3

As @Jan pointed out in the comments, there seems to be a getInstallerPackageName() method in PackageManager which can be used for this purpose.

Raghav Sood
  • 81,899
  • 22
  • 187
  • 195
  • AFAIK: You can't receive that broadcast yourself (at least on >= Honeycomb) because just installed apps are inactive and won't receive any broadcast. http://stackoverflow.com/a/12410308/995891 – zapl Nov 15 '12 at 13:54
  • True. I'm editing my answer to provide an alternate solution. – Raghav Sood Nov 15 '12 at 13:56
  • your second solution is what came to me at first, but what if you are trying to see if a rooted user did distribute the apk or not .. you'll get google play true but they are done manually – Jimmar Nov 15 '12 at 14:06
  • Well, you could have a more elaborate checkup for that, but you'd need to have a webserver for that. I'll add this elaborate one to the answer. – Raghav Sood Nov 15 '12 at 14:07
  • Thanks; we are probably going to go with the build flags as it's rather easy especially given the number of flags we have there already and the elaborate system in place to support that. – Jan Hudec Nov 15 '12 at 14:11
  • 1
    @JanHudec There is http://android-developers.blogspot.de/2010/09/securing-android-lvl-applications.html but it not really safe: http://stackoverflow.com/questions/12981397/how-to-secure-android-application-from-app-lucky-pathcer – zapl Nov 15 '12 at 14:22
  • I just found another similar question with more correct answer (linked as duplicate above). – Jan Hudec Nov 27 '12 at 14:04
  • @JanHudec Good find! I didn't know about that method. I've edited my answer to include that option as well. – Raghav Sood Nov 27 '12 at 15:23