Device Fingerprinting

Device fingerprinting is a technique for identifying devices by various identifiers and characteristics. It is necessary in some countries to meet regulatory and compliance requirements, enhance security, and prevent fraud.

Malwarelytics for Android is able to provide device fingerprinting when required by the customer.

Configuration

This feature can be configured during the Malwarelytics initialization phase:

val appProtectionConfig = AppProtectionConfig.Builder(context)
    .fingerprint(FingerprintType)
    // other configuration
    .build()

Available values of FingerprintType:

Value Description
NONE indicates that no device fingerprinting will be performed.
BASIC indicates that basic device fingerprinting will be performed using only methods that are safe on all devices.
SAFE indicates that device fingerprinting will be performed using all available methods only on non-problematic devices. On problematic devices only the basic device fingerprinting will be performed, the devices are described in Problematic Devices.
FULL indicates that full device fingerprinting will be performed using all available methods.

Device fingerprinting defaults to FingerprintType.FULL.

Problematic Devices

Some methods of device fingerprinting can cause “mysterious” keystore-related exceptions. This can happen when the application uses the Android KeyStore API (the KeyStore API might be used indirectly through other Android APIs). The problem happens on some Pixel devices with Android 14.

When an exception related to keystore operations starts appearing on Android 14 with no obvious cause, we recommend trying to use FingerprintType.SAFE in your device fingerprinting configuration. It might fix the issue.

Currently known problematic devices:

  • Pixel 5
  • Pixel 4a (5G)
Last updated on Nov 27, 2023 (14:00) View product
Search

develop

Malwarelytics for Android