introduce
I have been using IMEI as a unique identifier before, but the disadvantage is that permissions are required:
-
Prior to Android 10, the READ_PHONE_STATE permission was required
-
Android 10 restriction, requires READ_PRIVILEGED_PHONE_STATE permission
Because the major applications in China have too many permissions, they don’t pay much attention to this, but if they need to be published abroad, such as Google Play, etc. Then these permissions will bring you trouble, they value privacy very much, some people don’t care, but some people will directly uninstall when they see that you have obtained such sensitive permissions, and if it is more serious, they will directly report it. So in terms of permissions, if you publish abroad, you need to pay attention.
So can we get the unique identifier of the device without using permissions?
-
ANDROID_ID (included in the system).
-
Android OAID (provided by third-party SDK).
-
Use Mac address
Using a Mac address requires the ACCESS_WIFI_STATE permission. Different versions need to be processed in different ways, so I won’t introduce it here. Let's focus on Android ID.
Android 10 restrictions on non-resettable device identifiers
Starting with Android 10, apps must have the READ_PRIVILEGED_PHONE_STATE privileged permission to access the device's non-resettable identifiers, which include the IMEI and serial number .
Note: Third-party apps installed from the Google Play Store cannot declare privileged permissions .
Affected methods include:
- Build
-
getSerial()
-
- TelephonyManager
-
getImei()
-
getDeviceId()
-
getGirl()
-
getSimSerialNumber()
-
getSubscriberId()
-
So the dream was shattered.
ANDROID_ID
A randomly generated 64-bit number (represented as a hexadecimal string) that is unique to each combination of app signing key, user, and device when the user first sets up the device . The value of ANDROID_ID is qualified by the signing key and user . This value may change if a factory reset or APK signing key change is performed on the device .
In a word: ANDROID_ID is a string of characters generated by the device's system for the first time, which can basically guarantee uniqueness. But rooting, flashing or restoring factory settings will cause the ANDROID_ID of the device to be reset.
method of obtaining
public final class Settings {
...
public static final class Secure extends Settings.NameValueTable {
...
public static final String ANDROID_ID = "android_id";
}
}
How to get Kotlin
var id= Settings.Secure.getString(this.contentResolver,Settings.Secure.ANDROID_ID);
Log.e("Android ID-Kt",id)
How to get Java
String id= Settings.Secure.getString(this.getContentResolver(),Settings.Secure.ANDROID_ID);
Log.e("Android ID-Java",id);
Android OAID
Because traditional mobile terminal device identifiers such as the International Mobile Equipment Identity (IMEI) have been recognized as part of user privacy by some countries, and there is a risk of tampering and fraudulent use, non-manufacturer system applications in Android 10 and subsequent versions Device information such as IMEI and MAC will not be obtained. Failure to obtain IMEI will have a certain impact on device identification in the process of user behavior statistics.
Recently, the Mobile Security Alliance has launched a supplementary device standard system solution to this problem in conjunction with domestic mobile phone manufacturers, and selected the OAID field as an alternative field such as IMEI. The OAID field is a device identification field jointly launched by China Academy of Information and Communications Technology and Huawei, Xiaomi, OPPO, VIVO and other manufacturers. It has certain authority and can meet the usage scenarios of user behavior statistics.
