TrustDevice-Android
A lightweight library for determining device uniqueness and risk identification.
Create a device identifier based on basic device information.
Will remain the same after uninstalling and reinstalling or clearing app data.
Quick start
1. Add repository
Add these lines to your build.gradle
.
allprojects {
repositories {
maven { url 'https://jitpack.io' }
}
}
If your version of Gradle is 7 or newer, add these lines to your settings.gradle
:
repositories {
...
maven { url 'https://jitpack.io' }
}
2. Add dependency
Add these lines to build.gradle
of a module.
dependencies {
...
implementation 'com.github.trustdecision:trustdevice-android:1.0.1'
}
3. Get deviceInfo
DeviceInfo contains device id, risk information and device details.
3.1. Option 1
// initialization
TDRisk.init(context);
// usage
JSONObject deviceInfo = TDRisk.getBlackbox();
// Obtain deviceid and risk information through deviceInfo
String deviceID = deviceInfo.optString("device_id");
JSONObject deviceRisk = deviceInfo.optJSONObject("device_risk_label");
JSONObject deviceDetail = deviceInfo.optJSONObject("device_detail");
getBlackbox
method executes in the calling thread and takes time to execute.
3.1.2. Option 2
TDRisk.Builder builder = new TDRisk.Builder();
builder.callback(new TDRiskCallback() {
@Override
public void onEvent(JSONObject deviceInfo) {
// Obtain deviceid and risk information through deviceInfo
String deviceID = deviceInfo.optString("device_id");
JSONObject deviceRisk = deviceInfo.optJSONObject("device_risk_label");
JSONObject deviceDetail = deviceInfo.optJSONObject("device_detail");
}
});
TDRisk.initWithOptions(context, builder);
callback
is in a sub-thread, please do not perform UI operations.
Data Sample
{
"device_id": "E9BE9A73B4AEA5A94B36FABC0BF5AF302DC332E4BCB7D10F5F5F7B507DF2A782",
"device_risk_label": {
"root": "false",
"debug": "true",
"multiple": "false"
},
"device_detail": {
"abiType": "arm64-v8a,armeabi-v7a,armeabi",
"accessibilityEnabled": "0",
"adbEnabled": "1",
"allowMockLocation": "0",
"androidId": "5fa5f2bdc283000c",
"androidVersion": "13",
"appList": "com.trustdevice.android",
"availableMemory": "2981945344",
"availableStorage": "50888110080",
"batteryHealthStatus": "good",
"batteryLevel": "76",
"batteryStatus": "charging",
"batteryTemp": "230",
"batteryTotalCapacity": "2800.0",
"brand": "google",
"coresCount": "8",
"country": "CN",
"cpuHardware": "Qualcomm Technologies, Inc SM8150",
"cpuProcessor": "AArch64 Processor rev 14 (aarch64)",
"dataRoaming": "0",
"debug": "true",
"defaultInputMethod": "com.google.android.inputmethod.latin/com.android.inputmethod.latin.LatinIME",
"developmentSettingEnabled": "1",
"display": "TP1A.220624.014",
"filesAbsolutePath": "/data/user/0/com.trustdevice.android/files",
"fingerprint": "google/flame/flame:13/TP1A.220624.014/8819323:user/release-keys",
"gsfId": "",
"hardware": "flame",
"host": "abfarm-release-rbe-64-00043",
"httpProxy": "null",
"kernelVersion": "4.14.276-g8ae7b4ca8564-ab8715030",
"language": "zh",
"manufacturer": "Google",
"mediaDrmId": "A069CC34B11C17F1C390575C794166F83CDE53B0887D2F718EDC901ED337FDF4",
"model": "Pixel 4",
"packageName": "com.trustdevice.android",
"product": "flame",
"root": "false",
"screenBrightness": "63",
"screenOffTimeout": "30000",
"screenResolution": "1080x2280",
"sdkVersion": "33",
"sensorsInfo": "LSM6DSR Accelerometer:STMicro,LIS2MDL Magnetometer:STMicro,LSM6DSR Gyroscope:STMicro,TMD3702V Ambient Light Sensor:AMS",
"systemAppList": "com.google.android.networkstack.tethering,com.google.omadm.trigger",
"timezone": "中国标准时间",
"totalMemory": "5730922496",
"totalStorage": "53684973568",
"touchExplorationEnabled": "0"
}
}
Open Source Features
- Basic device ID, This identifier is stable, it will remain the same even after uninstalling and reinstalling your app. But it will be different after factory reset of the device.
- Basic equipment information, which can be used for simple data analysis
- Basic risk identification ability
RiskLabel | Risk Description |
---|---|
root | Attackers will have higher privileges and can install many cheating software to affect the normal development of application business. |
debug | Applications can be modified by attackers at will, and the program will return unexpected values. |
multiple | Attackers can clone multiple app. |
Open Source VS Pro
Open Source | Pro | |
---|---|---|
100% open source | Yes | No |
Device ID | Basic | Extremely stable |
Device Risk Label | Basic | Extremely rich |
Device Details | Basic | Extremely rich |
IP Location | – | ✓ |
Device Risk Score | – | ✓ |
Environment Risk Evaluation | – | ✓ |
Fraud Tools Detection | – | ✓ |
Behavioral Activity Capturing | – | ✓ |
Pro Introduction
TrustDecision TrustDevice has the leading device fingerprint technology, which has been integrated by more than 10000 global leading brands, protecting the entire customer journey.
There are 6 leading core features about TrustDevice Pro:
1. Wide Coverage
Comprehensive coverage of Android, iOS, Web, H5, applets and other device types.
2. Stable and Reliable
TrustDevice served more than 10,000 clients, 200 million+ daily active users , and 6 billion+ devices , with excellent product functions and stability. The fingerprint accuracy of different terminal devices exceeded 99.9%, and the output of risk labels exceeded 70 items.
3. Unparalleled Safety
TrustDevice’s code virtualization & obfuscation technology make the malware fraudsters suffer from painful cost and imprecision when performing reverse-engineering.
4. Core Intellectual Property
Fully independent intellectual property rights, with a number of patented technology.
5. Security Compliance
TrustDevice is committed to the highest standards in security and compliance to keep your data safe. GDPR/CCA/PCI DSS/ISO 27701/ISO 9001 Compliant.
6. Easy to Deplo
SaaS(Software as a Service)deployment supported, reducing massively your integration cost and enabling rapid access to device fingerprint service.
Where to get support
We are happy to provide technical support for our open-source trustdevice-android library. We recommend using GitHub Issues to submit bugs or Discussions to ask questions. Using Issues and Discussions publicly will help the open-source community and other users with similar issues.
In addition, any idea or interest in using TrustDevice Pro can be found on the www.trustdecision.com, registered account for a free trial; or via email [email protected] contact us directly and quickly open the service.
TrustDevice Android Demo App
Try the library features in the TrustDevice Android Demo App.
Compatibility
Items | Description |
---|---|
Supported System Versions | Android5.0+ ( API 21+ ) |
Supported Architecture | armeabi-v7a, arm64-v8a, x86 |
TrustDevice Pro VS Others
Type | Scene | Result | TrusDevice Pro | Fingerprint | Seon | Sift |
---|---|---|---|---|---|---|
Device Fingerprint Compatibility | Support Hongmeng system, including HarmonyOS 3.0, etc. | Able to collect device info and generate device ID | ✅ | ✅ | ✅ | ✅ |
Android 5.0 and above, including Android 14, etc. | Able to collect device info and generate device ID | ✅ | ✅ | ✅ | ✅ | |
Device fingerprint uniqueness | Different Apps (with different package names) on the same device | Device fingerprint/ID matches | ✅ | ✅ | ✅ | ✅ |
The same app on two unique devices (including the case of the same device model and the same system version) | Device fingerprint/ID should not match. Each device to have its own unique device fingeprint/ID | ✅ | ✅ | ✅ | ✅ | |
Device Fingerprint Stability | Uninstall and reinstall of app | Device fingerprints/ID are consistent before and after reinstallation | ✅ | ✅ | ✅ | ✅ |
Clear all app data | Device fingerprints/ID are consistent before and after clearing all app data | ✅ | ✅ | ✅ | ✅ | |
Disable all app permissions except network permissions and clear app data | Device fingerprints/ID are consistent before and after disabling all permissions | ✅ | ✅ | ✅ | ✅ | |
Modify the common information of the device system (brand, model, IMEI number, MAC address, etc.) through the device modification tool | Device fingerprint/ID still matches with before modification | ✅ | ✅ | ✅ | ❌ | |
Running same app in two instances using virtualization on the same device (i.e. using parallel space or dual space tools) | Device fingerprint/ID still matches between both app instances | ✅ | ✅ | ✅ | ✅ | |
Android system upgrade | Device fingerprint/ID are consistent before and after system upgrade | ✅ | ✅ | ✅ | ✅ | |
Factory reset (including Android 10 and above, etc.) | The device fingerprints are the same before and after the device is restored to factory settings | ✅ | ❌ | ❌ | ❌ | |
Device Fingerprint Risk Identification | Secondary packaging | Ability to identify secondary packaged unofficial apps | ✅ | ❌ | ❌ | ❌ |
Replay attack | Ability to identify replay attacks | ✅ | ❌ | ❌ | ❌ | |
Suspected risky ROM | Ability to identify suspected risky ROMs | ✅ | ❌ | ❌ | ❌ | |
Device location information has been tampered with | Ability to identify tampering of location information | ✅ | ❌ | ❌ | ❌ | |
The device does not have a SIM card inserted | Can identify whether the device is inserted with a SIM card | ✅ | ❌ | ❌ | ❌ | |
The device uses an HTTP proxy | Can identify HTTP proxy risks | ✅ | ❌ | ❌ | ❌ | |
The device uses a VPN proxy | Can identify VPN proxy risks | ✅ | ❌ | ❌ | ❌ | |
The device is Rooted | Ability to identify root risks | ✅ | ❌ | ✅ | ✅ | |
The device is an Android emulator | Can recognize emulator/simulator | ✅ | ❌ | ✅ | ❌ | |
The device is an Android cloud emulator | Ability to recognize cloud emulators | ✅ | ❌ | ✅ | ❌ | |
The device is an Android cloud real device | Can identify cloud real device | ✅ | ❌ | ❌ | ❌ | |
Devices use system virtualization tools (i.e. parallel space, dual space, etc) | Able to identify system virtualization tools | ✅ | ❌ | ❌ | ❌ | |
The device uses the virtualization tool to launch multiple instances of same application | Recognize multiple instances of same applications on same device opened via virtualization tool | ✅ | ❌ | ❌ | ❌ | |
The device uses the device modification tool to modify the device parameter information | Ability to identify mainstream modification tools | ✅ | ❌ | ❌ | ❌ | |
The device uses scripting tools | Can identify mainstream scripting tools | ✅ | ❌ | ❌ | ❌ | |
The device uses the group control tool (tools to control multiple devices via a single terminal – device farm/device group) | Can identify mainstream group control tools | ✅ | ❌ | ❌ | ❌ | |
The device is in Android ADB debugging state | Able to recognize Android ADB debugging | ✅ | ❌ | ❌ | ✅ | |
The device uses offerwall software (ad scamming software) | Ability to identify devices using offerwall software | ✅ | ❌ | ❌ | ❌ | |
Security and Stability | Code Protection | The device fingerprint SDK and JS have code protection mechanisms (such as VMP), which effectively resist black hat cracking attempts to manipulate code logic and falsify data | ✅ (OLLVM, VMP) | ❌ | ❌ | ❌ |
Downgrade | Intercepting and sending collection requests in the Android environment can still generate device fingerprints normally | ✅ | ❌ | ✅ | ❌ | |
Anti packet capture | Android has the ability to prevent packet capture | ✅ | ❌ | ❌ | ❌ |
License
This library is MIT licensed. Copyright trustdecision, Inc. 2022.