Google has launched a set of Play Integrity API tools that will help a developer determine whether their Android application was downloaded from the official Play Store or from a third-party source.
Image source: Rubaitul Azad / unsplash.com
The owner of an Android device may, for various reasons, install applications not from Google Play, but from third-party sources; developers may also have many reasons to block such installation. For example, an application not downloaded from Google Play may be missing some resources, code or functions, and the Play Integrity API will help track this. This set of tools allows the developer to “verify that interactions and requests to the server originate from a genuine application binary running on a genuine Android device.” It tries to detect confirmation that the application has been hacked, that it is running in an “untrusted” software environment, and whether Google Play protection is enabled on the device. The SafetyNet Attestation mechanism works in a similar way, but the Play Integrity API has a wider range of capabilities.
A developer can call the Play Integrity API at any time during the application’s execution and receive a set of data called an “integrity verdict.” Depending on the result, any further sequence of actions can be taken. You can block the entire application or call the API only when performing sensitive actions to warn the user that continuing to work may be fraught with threats.
Image source: github.com/linuxct/hydra
At the Google I/O developer conference in May, the company also showed off “remediation” dialogs that offer solutions to integrity issues. So, if the “appLicensingVerdict” query returned the result “UNLICENSED,” it means that the user does not have a license for the application – he did not purchase or install it on Google Play. In this case, you can also call the Play Integrity API, which will display a “GET_LICENSED” window that will help you get the app from the official app store. The existing app will be deleted with all its data, the system will install an “official” instance, the app will be added to the store library, and all further “appLicensingVerdict” requests will return “LICENSED”.
Google intends to strengthen the Play Integrity API and add new features. It is known that this interface is already used in the Tesco and BeyBlade X applications, something similar was seen in the game Diablo Immortal, and there are also calls to it in the Stripe, Uber and TikTok applications. And in the future, its presence promises to expand.
GPUs, originally created for creating three-dimensional images, have performed well in the field of accelerating…
South Korean electronics maker Samsung Display plans to invest $1.8 billion this year to build…
More and more users are complaining about problems with the responsiveness of the iPhone 16…
New Zealand studio Weta Workshop, with the support of the publishing house Private Division, held…
Those wishing to believe in a successful outcome of Qualcomm's initiative to acquire Intel assets…
US telecom operator AT&T has agreed to remove abandoned lead-sheathed cables that have led to…