Make sure the Android application was installed from Play-Store

Question

I've recently discovered the BlackMarket application, it is a rip of Google Play-Store apps, where these people take a paid app from the Play-Store and let their users download it and use it for free.

As a developer which plan on charging a buck for my app, this bothers me, and I would like to make sure that my application was installed via the Play-Store, or whatever store I approve of.

I guess that the only way to verify this sort of thing is via the campaign tracking, but since Google analytics v2, the tracking of the campaign is done with in a receiver in the Jar.

Is there any other way to determine the origin of the installation of my app? Is there a way to intercept the campaign tracking data?

Thanks.

If its a paid app on the play store you can use the google license API http://developer.android.com/google/play/licensing/index.html. This checks that the app was purchased via the users Google account and if not you can display an error and take them to the play store to make the purchase — Boardy, Jul 31 '13 at 11:52
Check this first: http://developer.samsung.com/forum/thread/getinstallerpackagename-return-value-in-samsung-phones/77/177735 . Then `PackageManager pm = getPackageManager(); String installationSource = pm.getInstallerPackageName(getPackageName());` - When installed from the marked, the installationSource will return something like `com.google.android%` or `com.android.vending%` - However this changes and you have to maintain (support) it in case of a change - otherwize it will return null (from debugger) or some other package name, from some other application (the undesired ones :)). — g00dy, Jul 31 '13 at 11:52
@Boardy This check is per user or device of a user? what if the device has two accounts on it? — TacB0sS, Jul 31 '13 at 12:04
@g00dy This seem like the most comfortable choice, it is a shame not all stores provide the same mechanism, and make sure that the developer would know the origin of installation of the app. — TacB0sS, Jul 31 '13 at 12:06
Yeah, it's really a shame, but how else can you know that? I'm really interested in this ... However, is this method applicable in your case? — g00dy, Jul 31 '13 at 12:11
It is my app, so I can perform the check, and if it was not installed from the play-store, I would disable the app, and redirect the user t the play-store, I'll check it with one of my apps the next version I'll release... — TacB0sS, Jul 31 '13 at 12:14
@TacB0sS The check is based on the user, so the check will be done on whatever account is registered to use Google Play. If there are more than 1 account I believe it automatically checks each account that is registered to use Google Play. — Boardy, Jul 31 '13 at 14:05
I've went through the docs... it doesn't seem to be very specific, and if you would like to make it specific, you would require your own server, which means that I would already manage the entire logic on my own server. — TacB0sS, Aug 02 '13 at 22:29
@g00dy, add an answer so I'll accept it... I've tested this with our application, published to Analytics the results. — TacB0sS, Aug 09 '13 at 20:18

score 10 · Accepted Answer · answered Aug 09 '13 at 22:14

10

Check this link here. Then

PackageManager pm = getPackageManager();
String installationSource = pm.getInstallerPackageName(getPackageName());

When installed from the marked, the installationSource will return something like com.google.android% or com.android.vending%. However this changes and you have to maintain (support) it in case of a change - otherwise it will return null (from debugger) or some other package name, from some other application (the undesired ones :))

answered Aug 09 '13 at 22:14

g00dy

6,752
2
30
43

Except for the 'com.android.vending' which all new installs should show, since Google-Market turned to Google Play-Store... I've also found out that a 0.002% of new installs comes from 'com.google.android.feedback' which makes me wonder what that is? – TacB0sS Aug 09 '13 at 22:36

Sergio Carvalho · Answer 2 · 2013-08-01T14:28:21.223

1

The best way I've found to know if an app is from Play Store is what g00dy suggested: using the installer package name.

String packageName = appContext.getPackageName();
String installerPackage = appContext.getPackageManager().getInstallerPackageName(packageName);

if the app is downloaded in Play Store (even if the app is bought with a PC), installerPackage should be "com.vending.google".

edited Aug 01 '13 at 14:28

answered Aug 01 '13 at 14:07

Sergio Carvalho

251
3
9

score 0 · Answer 3 · answered Sep 19 '13 at 10:53

I found this http://developer.android.com/google/play/licensing/licensing-reference.html#lvl-summary

public boolean allowAccess() {
    long ts = System.currentTimeMillis();
    if (mLastResponse == LicenseResponse.LICENSED) {
        // Check if the LICENSED response occurred within the validity timeout.
        if (ts <= mValidityTimestamp) {
            // Cached LICENSED response is still valid.
            return true;
        }
    } else if (mLastResponse == LicenseResponse.RETRY &&
                ts < mLastResponseTime + MILLIS_PER_MINUTE) {
        // Only allow access if we are within the retry period or we haven't used up our
        // max retries.
        return (ts <= mRetryUntil || mRetryCount <= mMaxRetries);
    }
    return false;
}

I'm not really sure this gives me exactly what I want, but once I'll have the chance, I will give it a go... Thanks — TacB0sS, Sep 19 '13 at 20:17

Make sure the Android application was installed from Play-Store

3 Answers3