I have a request on developing enterprice tracking application. The application should be able to get current postion of the phone and send it to server every 5 minutes. Even if application is running on background - user can easily shut it down. I need to create some sort of restriction for that, maybe password based. In order to shut down this application user must enter a password. And if he is rebooting, application should autorun after rebooting.
Is it possible to do this?
No it is not!
But... I know a trick that can do the work, it's name is AlarmManager
You can set alarm for your application that will alert every 1 sec, and if the application been shut down it will rebuild it self. At this point you can set a password to shut down the alarmManager.
But just to let you know, I been trying this once, Google told me nothing, but users left me a comment that the application is hacking they device ;)
From ICS onwards, any app implementing Device Administration cannot be stopped. But the only drawback is the user can remove the Devvice Administrator.
You could restrict your app to work only when Administrator is On.
One more way is if the user removes the administrator you can lock the whole device with a custom password using resetpassword.
If the devices were rooted you could implement that but you probbaly wouldn't be able to distribute the app as an APK due to the required modification of system files. Maybe as a Zip that is flashed via Clockwork mod. Beware of voiding the devices' warranty though.
Babibu's suggestion regarding Alarms is a novel approach, but be cautious of waking the system constantly as that will drain the battery much faster.
Actually a big problem you'll face is that the user can disable GPS and then you can't programatically turn it back on again - unless you try to use an exploit which is obviously not ideal and won't work on all devices.
A better idea might simply be to report to your server whenever the user disables the application or GPS. You'll know which user disabled it so your organisation can punish that user appropriately.
What you are looking for is Device Administration
http://developer.android.com/guide/topics/admin/device-admin.html
This page explains how it works and how you can change all sort of policies about passwords and disable camera.. et cetera
What they barely talk about is as soon as an application is enabled as device administrator you can't kill it or uninstall it without disabling this feature first. It's up to you to implement enable/disable buttons the proper way.
To be sure the service always restart even if killed by system (in low ressources cases) you need to override this method of your Service :
public int onStartCommand (Intent intent, int flags, int startId)
{
return START_STICKY;
}
Finally to make your service start at boot you need to catch ACTION_BOOT_COMPLETED broadcast.
The main issue is you can't prevent user from disabling GPS or using mock locations but you can detect it and log it. It is a good practice (actually it is mandatory in my country) to notice users they are watched so you can explain them at the same time that you'll know if they mess up with the GPS.
Rooting the phone is another solution but you will likely open more doors than you close ;)
