I want to save data on device itself that would be persistent even after deleting the app and installing it again (data can even be one int/date).
According to my knowledge it is impossible because each app can store data only on it's sandbox (I know I can use iCloud etc. but I don't want any services user can not have or give the app specific permissions).
As to my understanding the only option to do that is to store it on my server.
But, Apple doesn't allow to send UDID or any other specific device ID and I can't get the iTunes ID. I know I can use any other ID like Facebook ID but the app doesn't have it and that would make a really bad user experience.
I've download apps that does just that successfully (saving data specifically to my device that been recovered even after deletion and without the need to enter any ID or login process). How do they do it? Do they send UDID to some server and apple miss that or there is a way to save data outside the app sandbox?
Well there is the KeyChain, which can store data the would kept even if you delete the app.
We do that too in our app:
Basiclly we create an UDID of our own and store that on the device (in the keychain).
Combined with user id that gives us all we need on the server side to identify the user and his device. We don't store any other app data on the device, all is server managed.
You could pack your data up, store it in the documents folder for your app, and back up your device to the cloud or iTunes. you can then do a restore to get it back. You just can't do anything on your phone between the backup and the restore. Just saying.
Related
I am trying to install an app from Google Play store and I see Device & app history permission.
does anyone know what android permission in manifest causes "Device & app history" permission?
Device & app history
Allows the app to view one or more of: information about activity on the device, which apps are running, browsing history and bookmarks
OK, after researching about this mysteries Android permissions, I got my answer from Adam P. in Android Communities. Thanks Adam.
If you look at the picture below, you will see a description for Device & app history permission for an Android app. At first, this permission description sounds really bad. If you don't know the reasoning behind why all those 3 permissions listed under one group, you would think that this app is really accessing your list of apps, your browsing history and bookmarks. WOW! what a scary thing!
We all know that Google's Android permission system is really broken. From the non tech-savvy people's point of view, this message will scare them and they may not even install your app. Simply, this message on the permission dialog is misleading. Why? actually this sample app needs "retrieve running apps" permission only.
Now, if you pay attention to the message, it reads "one or more of:". What do you mean by "one or more of:"?
Why can't you just display it in a simple format instead of confusing users?
Lesson learned: apparently, one permission from that group is enough to trigger to show that message shown in #1.
Here are the permissions under Device & app history group permission:
Read sensitive log data (android.permission.READ_LOGS)
Retrieve system internal state (android.permission.DUMP)
Read your web bookmarks and history (com.android.browser.permission.READ_HISTORY_BOOKMARKS)
Retrieve running apps (android.permission.GET_TASKS)
Now, if you close the dialog shown on #1 screenshot and then scroll down on the Google Play Store app, you will see a text link reads "View details" shown on #2 screenshot. Click that to see a little bit different version of these permissions. By the way, this link is hidden down in the page and I wonder how many users find that link.
This is what I like. It's clear and concise. Whereas in #1 screenshot, you need to be a linguistic teacher to understand what Google's copyeditors' message mean. Obviously, the first permission dialog in #1 confused me.
OK, this is an extra bonus for you to get confused even more. This sample app apparently requires your phone number to create an account. Nowadays, a lot of social apps started doing that.
Now, if you hold down your app's launcher icon and drag onto App Info button, you will go to your app's details section. Suddenly, you will see this yellow scary message reads "this may cost you money". Well, I know this app does not make a call at all. It just used your phone number to register an account. Google, is it fair to scare people off with that message when the app doesn't really do that?
Conclusion:
Lesson learned; the group permission can be triggered by one permission within and that can cause to show those scary messages.
I am still waiting for the day that Google changes these permissions system. Instead of asking me Yes or No question before installing, I would like to customize the app permissions while I am installing.
Wouldn't it be nice if you check/uncheck each permission and install the app? And, you can turn on more permissions in the app's settings view if necessary. By the way, App Ops won't help with that much.
some more info at: https://support.google.com/googleplay/answer/6014972?hl=en
You're leaving out an essential point concerning these permissions groups. According to Google's Review app permissions (your source) it states the following:
Permissions groups
Permissions groups are designed to show what an app will be able to
access on your device. With permissions groups, you can quickly see
what capabilities or information an app may use before downloading it.
Also, you can review individual permissions at any time using the
Google Play Store Play Store app.
It's a good idea to review permissions groups before downloading an
app. Once you've allowed an app to access a permissions group, the app
may use any of the individual permissions that are part of that group.
You won't need to manually approve individual permissions updates that
belong to a permissions group you've already accepted.
I got an app on my phone that I wanted to update today and noticed that it now asks for access to the Device & app history permission group. As you suggested, the drill down via the Permissions details shows that in reality, it is only requiring the 'retrieve running apps' permission. Great! .. you might think ... but NOT!
If I proceed and accept this now in good faith that I'm OK for this app to see what apps I got running, a subsequent update of this app is NOT going to ask again for access to the Device & app history permission group if they ADD another permission from this same permission group. In other words, today I approve this, granting access to Retrieve running apps (android.permission.GET_TASKS), but as a consequence of that I will not get a new approval request if a next app update adds any of these permissions:
Read sensitive log data (android.permission.READ_LOGS)
Retrieve system internal state (android.permission.DUMP)
Read your web bookmarks and history (com.android.browser.permission.READ_HISTORY_BOOKMARKS)
My conclusion is that if the developers of this app decides they want to obtain eg. my browser history for whatever reason (ads?), they can just add the com.android.browser.permission.READ_HISTORY_BOOKMARKS to their app and I will not be notified when it automatically updates since I have already granted the Device & app history permission group.
Device & app history
Allows the app to view one or more of: information about activity on the device, which apps are running, browsing history and bookmarks
I was wondering how to deal with UILocalNotifications that were created using my app but the app then got deleted.
Lets say that after creating a few notifications, the user decides to delete the app, but i've noticed that even though the app is deleted the notifications lived and they still fire in the correct time, but this doesn't make sense to me since the app is not existant in the phone anymore.
I understand how this is possible, but i would like to know if there a way to delete such notifications when the user decides to get rid of my app?
And does this happen as well if the app is being updated?
Thanks.
Another way is to use APNS (remote notifications) instead of local notifications.
This way, once your App was removed, pushed notifications will not get to the device anymore , nor to the user's attention.
At this stage you can be aware of the App's removal (using APNS feedback service) and cease your sending mechanism for that user (his push token..)
I am using Urban Airship to test push notification and it went well.
My problem is how do I specify which user to get the notification not just the device token.
I mean in some situations where one device has multiple users, so many users registered the same device token to server.
Or do I have to do the filter on the device (client side) itself?
There's no real way to do what you want unfortunately. In APNS there's only such thing as a device. You push a device and it shows a message / badge / sound on that device.
If your app can have multiple users associated with it then you'd need to work out from the push which user it relates to and handle it accordingly. How you do that would depend on your app but you could add in a custom key to the push which indicated the user it's for.
If your app only ever has one user logged in at once then I suggest that when you hand the push token to your server, the server first turns off push for the user that the token was originally registered for and subsequently turns push on for the new user.
Hi
I'm working on an iphone app that needs to be maintain a somewhat unique identifier per download. Is there a way to retrieve either the Apple ID used to download the App or another identifier I can use to link all devices with that download to a remote database/service?
Basically I want a single instance of my custom-generated data sitting on whatever device is linked to a certain Apple ID. If iTunes signs any App that you download, using that checksum would also be an option.
Any thoughts?
If you use IAP(In App Purchase), you can tie a users purchase to a single receipt, and verify that receipt against Apple's servers.
For App store purchases, as opposed to IAP, Apple allows, and pretty much forces a developer to allow their App store apps to run identically on as many devices as a customer can put their iTunes account on, with no information available to the app about whether this was the customer's first install or their Nth. If that business model doesn't work for you, don't put the app for sale in the App store.
As far as I am aware, there is absolutely no way to get access to the current signed-in Apple ID on the device. Your only real option is to maintain your own username/login combo that the user has to enter on each device they own.
I don't believe you can get the Apple ID, but you can however get the current device's ID via the UIDevice uniqueIdentifier method.
For example:
UIDevice *ourDevice = [UIDevice currentDevice];
NSString *uniqueIdentifier = [ourDevice uniqueIdentifier];
However, you should note the following (emphasis mine) from the above linked document:
A device’s unique identifier
(sometimes abbreviated as UDID for
Unique Device Identifier) is a hash
value composed from various hardware
identifiers such as the device serial
number. It is guaranteed to be unique
for each device. The UDID is
independent of the device name. For
devices that use a SIM (subscriber
identity module) card, the UDID is
independent of the SIM card.
For user security and privacy, you
must not publicly associate a device’s
unique identifier with a user account.
You may use the UDID, in conjunction
with an application-specific user ID,
for identifying application-specific
data on your server.
I want to make an application that has some views for information display. If I install my app on my iPhone then it should display the info. If I then install that app on my iPad then the app should recognize the device and display the info related to my account.
Is there any way to find the single user of two devices without the user's iTunes credentials, or is it possible to generate a key that can identify the common user of both devices?
No, currently there is no way to associate multiple devices to a single user owning those devices given the information you've provided.
However, if you added, "the information I want to display in the views, pertains to the same user account in Game Center for both devices", then you could use the player's identifier from Game Kit API.
https://developer.apple.com/game-center/
This is being added well after the fact, but:
You could use iCloud APIs to accomplish this. These are distinct from iTunes credentials, but obviously the same type of prerequisite in that the user must have an account and it's not under your control.