Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Android ID as an alternative to Device ID

My apps have always used DeviceId as a unique identifier and this, of course, requires READ_PHONE_STATE as a permission. That has been ok in the past but now I have migrated to Marshmellow 23 where asking for this permission displays a very scary dialog at run time saying...

"Allow {my app} to make and manage phone calls?"

That's a pretty hideous message for an app that just wants to get deviceId.

I'm thinking of switching over to Android ID as it doesn't require any permission.

String androidId = Settings.Secure.getString(getContentResolver(), Settings.Secure.ANDROID_ID);

Googling around I see there have been some problems using android ID but it's all old stuff. Back in Froyo days there was a phone vendor that produced the same ID for all of their phones but that's about all I have seen.

Is anyone aware of any problems using Android ID? Thanks, Dean

like image 404
Dean Blakely Avatar asked Aug 20 '16 23:08

Dean Blakely


People also ask

Is device ID same as Android ID?

All smartphones and tablets are identified by a unique device ID. The Android unique device ID is called the Android Advertising ID (AAID). It's an anonymized string of numbers and letters generated for the device upon initial setup. None of the user's personal information is included in an Android ID.

Is Android ID unique for device?

The android Device ID is a unique code, string combinations of alphabets and numbers, given to every manufactured android device.

What is device ID in Android?

The definition of device ID A device ID is a unique, anonymized string of numbers and letters that identifies every individual smartphone or tablet in the world. It is stored on the mobile device and can be retrieved by any app that is downloaded and installed.

How do I find Android device ID?

To find your Android Device ID, there are two methods you can use. You can type in a special dialer sequence, *#*#8255#*#*, though this does not work on all devices. Alternatively, you can download a third-party Android app called Device ID to display this alphanumeric key, which works on all phones.


1 Answers

What unique identifier you choose to use depends heavily on what specific use case you need the identifier for. The Best Practices for Unique Identifiers training goes through many common use cases and which identifier to use. They do have a number of tenents of working with Android Identifiers:

1: Avoid using hardware identifiers. Hardware identifiers such as SSAID (Android ID) and IMEI can be avoided in most use-cases without limiting required functionality.

2: Only use Advertising ID for user profiling or ads use-cases. When using an Advertising ID, always respect the Limit Ad Tracking flag, ensure the identifier cannot be connected to personally identifiable information (PII) and avoid bridging Advertising ID resets.

3: Use an Instance ID or a privately stored GUID whenever possible for all other use-cases except payment fraud prevention and telephony. For the vast majority of non-ads use-cases, an instance ID or GUID should be sufficient.

4: Use APIs that are appropriate to your use-case to minimize privacy risk. Use the DRM API API for high value content protection and the SafetyNet API for abuse prevention. The Safetynet API is the easiest way to determine whether a device is genuine without incurring privacy risk.

In the vast majority of cases, Android ID is still not the right thing to use.

like image 167
ianhanniballake Avatar answered Nov 07 '22 08:11

ianhanniballake