We provide a subscription to our app. Are there any standard technics to prevent users from duplicate installations in different devices?
Asked
Active
Viewed 53 times
2 Answers
1
In app payment requires that you let a user restore his purchases on a different device. I'm not aware of a standard way to verify that the previous devices content was removed.
If you're asking about just copying the files then there's storage encryption which you can read about here. Notice that it is breakable if someone tries.
Shai Almog
- 51,749
- 5
- 35
- 65
-
I don't want a user to install my app on devices at the same time. Is there any information I can collect for identifying a specific device by codename one supported methods? – Daniel Tsai Mar 23 '22 at 04:46
-
I can generate a random number stored in storage encryption while my app first started. The random number and user id will be sent back to my server to check if the random number is different for checking duplicate installation. – Daniel Tsai Mar 23 '22 at 05:07
-
IMEI isn't available and blocked by apple who generally blocks a "true" unique device id to prevent user tracking. Notice that if you use in app purchase this might conflict with required functionality and fail review but that's a licensing issue and not a technical one. – Shai Almog Mar 24 '22 at 04:39
1
You can collect device information from each device and then just compare if the new device is trying to install the app with the same account as in another device.
fnklstn
- 492
- 4
- 16
-
Is there any information I can collect for identifying a specific device by codename one supported methods? – Daniel Tsai Mar 23 '22 at 04:43
-
@DanielTsai based on this answer https://stackoverflow.com/a/50729895/8921111 check https://www.codenameone.com/javadoc/com/codename1/io/Log.html#getUniqueDeviceKey-- Also you can take a look on IMEI, but I think `getUniqueDeviceKey()` method is better. https://stackoverflow.com/questions/68537247/how-to-make-an-option-to-imei-in-cn1 – fnklstn Mar 23 '22 at 17:44
-
-
You also can do something like keeping a session per account. For example, user logs in - it's a new session. You tight it to the account. While this session is valid, you don't allow logging into that account on other devices (with new sessions). If user logs out, you kill the session, but also allow not to use this account in a different log in. – fnklstn Mar 24 '22 at 21:23
-
I have two questions about the account session. 1. A user may not log out even he changes to new devices. he can't log in the new device anymore. 2. If my app transfer to stop status, kill the session. Is this a better way? – Daniel Tsai Mar 25 '22 at 13:16
-
1. You can always add time frames when the session can be killed from the backend. Basically, call verify session connection request -> check if this session is x days old -> if it's old enough, kill it and log the user out from the app. 2. In cn1, if the stop is just killing the app. You can do it if you find it more comfortable. The questions is how you will manage it with log in and log out then. But you are a developer, so the logic design decision is up to you – fnklstn Mar 28 '22 at 14:53