Android Question IMEI for activation of an application

ocalle

Active Member
Licensed User
Longtime User
I have seen that the Imei number of a cell phone is unique, it would be very good if there was a library or some genius has created one where the application sends the IMEI by mail and after the mail the user receives the activation of the application with a unique code number and letters, in this way checking the IMEI at the beginning of the program guarantees that in case of theft the company that has the service can put that chip in negative band and therefore the application with your private data does not open.
Tell me please that I am wrong and that there is another better solution, hacking is inevitable, what if you can is to generate updates or use the combination with KV. Excuse me if I disturb with my questions
Thank you!
 

BillMeyer

Well-Known Member
Licensed User
Longtime User
The question (preemptive maybe) is that "Can one use an IMEI number in a security system ?"

Yes. If you apply your mind to it. My current solution is as follows (this forum is a good place to find all the items mentioned below)

I have a CKVS server setup, as well as jRDC2 and MQTT and a MySQL server (all on the same machine - they run harmoniously next to each other)
I do not have a library to do this - just some well tried and tested code.

For a new user: I get the IMEI number from the device, interrogate my MySQL server via jRDC2 to see if the user has not perhaps been registered before. If not then I register them and send them a token/membership number and immediately change a CKVS entry "IsAMember" to "Yes".

If the user now opens the app a second time, I first look if the user "IsAMember" - if they are - then proceed (usually I don't even present them with a login screen) - if not then follow the New User routine above.

This can be expanded to actually track the phone by using a Service in Android for example to periodically place lat/long in the MySQL Database via jRDC2 or in CKVS - the choice is yours and your design dependent. Slightly different for an iPhone/iPad - but not impossible.

If you now wish to do update an item or something in the app - well - there is MQTT that you can send a jSON with, then there is Data Push Notifications, then there is Firebase - the choice are legion and all of them have examples or tutorials on this forum.

Enjoy !!
 
Upvote 0

ocalle

Active Member
Licensed User
Longtime User
Many thanks for those starting points, i checked Firebase and got rare behavior, then MQTT and CKVS option leave you handle your own farm, tomorrow Firebase change of policy and you need rewrite the code.-
 
Upvote 0

Cableguy

Expert
Licensed User
Longtime User
Just to "add to the confusion",
IMEI only based security is considered not secure. You can easily find app to change your IMEI number.
 
Upvote 0

victormedranop

Well-Known Member
Licensed User
Longtime User
I use the IMEI info to authentication and provision for some customer,
i haven't found something more secure. and okHttp does not use client side certificate.

Victor
 
Upvote 0
Top