Integrate the dropbox in my application which show security alert

Question

I have developed one application successfully I want to store the database in drop box. So I am using dropbox-android-sdk-1.5.4 example which is working fine to me.

My problem is when I integrate this sdk example application in my application and make a login process at that time it show one error:

"Another app on your phone may be trying to pose as the app you are currently using. The malicious app cannot access your account, but linking to Dropbox has been disabled as a precaution. Please contact [email protected]."

Answer 1

I know this is an old question but there is another possibility that has just bitten me so for future users who may hit the same issue:

If in the process of authenticating you run into an error message like "Another app on your phone may be trying to pose as the app you are currently using." it means more than one app installed on the phone has a callback activity registered for a single app key. You can fix this error by deleting one of the offending apps or by switching to a new app key.

I hit this issue by having different versions (debug & release) of the same app installed.

Source Link

Answer 2

I just examined the code for the SDK, and it happens because you have 2 apps that handle the same scheme for the callback URL that Dropbox login page uses.

So when the user logs in to Dropbox using the browser, after successful login, the browser will open db-123456789://somepath where 123456789 is a unique id for your Dropbox app. If you have multiple apps installed on the device that handles the db-123456789 URL scheme, you will end up receiving that warning.

I imagine that a malicious app could capture the access token when the browser gives it using the db-123456789 scheme by handling that scheme specifically, hence the warning.