3

Due to the well known issue of Secure.ANDROID_ID not being unique what alternatives are there for identifying a device in LVL?

If I were to use an installation unique generated ID would that not cause issues for the user who has purchased the app? E.g. if they re-install or switch devices will they have to re-purchase the app because the ID has changed?

// Try to use more data here. ANDROID_ID is a single point of attack.
String deviceId = Secure.getString(getContentResolver(), Secure.ANDROID_ID);
Johnny
  • 1,144
  • 2
  • 11
  • 23

1 Answers1

3

You should generally provide more context when asking a question: this single line doesn't mean much. Assuming you are referring to the LVL sample app, this deviceId is only used to derive an encryption key for obfuscating the app's preferences. Actual purchases are tied to the user's Google account, not to their device. So if they change devices and use the same account, purchases will be restored.

Nikolay Elenkov
  • 52,576
  • 10
  • 84
  • 84