1

what does it mean by 'For apps installed on a device running Android 8.0, the value of ANDROID_ID is now scoped per app signing key, as well as per user. ' https://developer.android.com/about/versions/oreo/android-8.0-changes.html.

Is that means if I have two android apps in same device with same signing key and different package name, does those apps get same device ID for specific user?

user3565768
  • 43
  • 9
  • The rest of the text in that link seems to confirm you would, e.g. "_The value of ANDROID_ID is unique for each combination of app-signing key, user, and device_". – TripeHound Oct 23 '17 at 10:05

1 Answers1

1

Is that means if I have two android apps in same device with same signing key and different package name, does those apps get same device ID for specific user?

The answer is yes, but if the app has Google Play App Signing enabled in the Google Developer Console the key will not be the same for the different apps even if you uploaded the APK's releases with the same key.

And my recommendation is to use always separate keys for different apps.

from56
  • 3,976
  • 2
  • 13
  • 23
  • what is your first statement based on? This line from the docs directly contradicts it "The value of ANDROID_ID is unique for each combination of app-signing key, user, **and device**." – Tim Oct 23 '17 at 10:11
  • Isn't signing key used for show the publisher or company identity ? So do we need separate keys for that ? – user3565768 Oct 23 '17 at 10:19
  • Using the same if your app certificate is compromised, all your apps are compromised. But as I said using Google Play App Signing ( I think it is the default for new apps) the app key will be always different, then no problem to use the same – from56 Oct 23 '17 at 10:26