Requirement
Compliance
1.1 According to the user's information protection regulations, before your users start the App for the first time and start collecting information, your company should fully inform the user of the purpose, method, and scope of collecting, using, and sharing the user's personal information with a third party through an interactive interface or design (such as a pop-up window of the privacy policy), and obtain the express consent of the end user.
1.2 To provide business security and risk control services to your company, the TrustDecision SDK will collect, process, and use the identification information IDFA, AndroidID, OAID, MAC address, Wireless IP address, WIFI list, wireless router identification (BSSID, SSID),device type, device model, system type, geographical location(Rough location information, precise location information), login IP address and other device information of the user's device. To ensure compliance with your use of related services, the aforementioned privacy policy should cover the authorization of TrustDecision SDK to provide services and collect, process, and use relevant information. The following terms are for your reference. The specific expression can be determined by your company according to the overall framework and content of your privacy agreement:
TrustDecision SDK: For business security and risk control, our company uses the TrustDecision SDK. The SDK needs to obtain the information of your devices, such as IDFA, AndroidID, OAID, GAID,MAC address, Wireless IP address, WIFI list, wireless router identification (BSSID, SSID),device type, device model, system type, geographical location(Rough location information, precise location information), login IP address, application list, running process, network type,device software version,sensor information(light sensor, gravity sensor, magnetic field sensor, acceleration sensor, gyroscope sensor) and other related device information, for fraud risk identification.
Privacy Policy: https://www.trustdecision.com/legal/privacy-policy
Data Safety Requirements for Google Play
For every app that is uploaded to the Google Play Store, Google requires that the app's privacy and security practices are made available to all its users. For this reason, when an app (or a new version) is uploaded to the Play Store, Google requires app developers to fill out a data safety form. See Provide information for Google Play's Data safety section for more information.
If your app includes our Android SDK, then you can use the table below as a reference to fill out the data safety form:
| Question in Google Play Console's data safety form | Response |
|---|---|
| Does your app collect or share any of the required user data types? | Yes. |
| What type of data is collected? | Device or other identifiers. |
| Is this data collected, shared, or both? | Collected. |
| Is this data processed ephemerally? | Yes. |
| Why is this user data collected? | Fraud Prevention, Security, and Compliance. |
Environment
| Item | Description |
|---|---|
| Supported System Versions | Android 5.0 and above |
| Supported Architectures | armeabi-v7a, arm64-v8a, x86, x86_64 |
Integrate
integrate sample: https://github.com/trustdecision/mobrisk-android-sample
Install
If installing offline, please refer to Offline Install
Add Warehouse
Add the maven library configuration to build.gradle in the project root directory
allprojects {
repositories {
...
mavenCentral()
}
}If your gradle version is 7 or higher, add this configuration to your settings.gradle
repositories {
...
mavenCentral()
}Add Dependencies
Add dependencies to build.gradle of the main module
dependencies {
implementation 'com.trustdecision.android:mobrisk:5.2.0'
}If you encounter compliance issues, you can exclude the collection of relevant modules
dependencies {
implementation('com.trustdecision.android:mobrisk:5.2.0'){
// after removal, sdk does not get the list of installation packages
exclude group: 'com.trustdecision.android', module: 'packagelist'
// after removal, sdk will not collect READ_PHONE_STATE related information
exclude group: 'com.trustdecision.android', module: 'readphone'
// after removal, sdk will not collect location information
exclude group: 'com.trustdecision.android', module: 'location'
// after removal, sdk will not collect sensor information
exclude group: 'com.trustdecision.android', module: 'sensor'
// after removal, sdk will not collect wifi information
exclude group: 'com.trustdecision.android', module: 'wifiinfo'
}
}Abi Configuration
The SDK currently supports four ABI types: armeabi-v7a, arm64-v8a, x86 and x86_64. It is recommended to specify the required architecture type in the app/build.gradle file using the abiFilters configuration.
defaultConfig {
...
ndk {
abiFilters 'armeabi-v7a', 'arm64-v8a'
}
}AndroidManifest.xml
Declare the following permissions in the AndroidManifest.xml file under the application module
<manifest>
<!-- required -->
<uses-permission android:name="android.permission.INTERNET"/>
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>
<!-- Outside the Chinese Mainland -->
<uses-permission android:name="com.google.android.gms.permission.AD_ID"/>
<!--optional, If not declared, some device information will be abandoned -->
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
<uses-permission android:name="android.permission.READ_PHONE_STATE" />
<!-- required for Android 11 and above to obtain the installed packages -->
<uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"
tools:ignore="QueryAllPackagesPermission" />
</manifest>Permissions
| Name | Description |
|---|---|
| INTERNET(required) | Allows the app to access the network connection and send requests to communicate with the server. |
| ACCESS_NETWORK_STATE(required) | Collect network connection status information. |
| ACCESS_WIFI_STATE(required) | Collect the current WiFi access status and WLAN hotspot information. |
| AD_ID(required) | Collect the Google advertising ID, required outside the Chinese Mainland. |
| ACCESS_COARSE_LOCATION | Get location information, with an accuracy of approximately 30 to 1500 meters. |
| ACCESS_FINE_LOCATION | Get location information, with positioning accuracy within 10 meters. |
| READ_PHONE_STATE | Collect information on SIM card |
| QUERY_ALL_PACKAGES | Collect installed packages |
Initialization
Cautions
- Ensure that it is initialized after the user agrees to the privacy agreement.
- Ensure that it is initialized in the main process.
Definition
public static void initWithOptions(Context ctx, TDRisk.Builder builder);@JvmStatic
fun initWithOptions(ctx: Context, builder: TDRisk.Builder)Get BlackBox
Cautions
- Call
getDeviceInfoafterinitWithOptions. - Don't cache blackBox returned by getDeviceInfo in the app. Please rely on this function to get blackBox.
Definition
// get by asynchronous callback
public static void getDeviceInfo(TDDeviceInfoCallbackAdapter callback);
// get by synchronous call
public static TDDeviceInfo getDeviceInfo();Best Practices
- Call initialization in the
onCreatemethod of the application
// onCreate of APPlication
TDRisk.Builder builder = new TDRisk.Builder()
/*************************** required ***************************/
.partner("Please enter your partner code") // get from our customer platform
.appKey("Please enter your appKey") // get from our customer platform
.dataCenter("Please enter your data center");
if(agrees to the privacy){
try {
TDRisk.initWithOptions(getApplicationContext(), builder);
} catch (Exception e) {
Log.e("TD", "init error", e);
}
}// onCreate of APPlication
val builder = TDRisk.Builder()
/*************************** required ***************************/
.partner("Please enter your partner code") // get from our customer platform
.appKey("Please enter your appKey") // get from our customer platform
.dataCenter("Please enter your data center")
/*************************** required ***************************/
if (agrees to the privacy) {
try {
TDRisk.initWithOptions(applicationContext, builder)
} catch (e: Exception) {
Log.e("TD", "init error", e);
}
} - Obtain blackBox in actual business scenarios
- Recommend using asynchronous methods to obtain without affecting the calling thread.
public void register() { ... try { TDRisk.getDeviceInfo(new TDDeviceInfoCallbackAdapter() { @Override public void onResult(TDDeviceInfo deviceInfo) { // here is in a new thread int code = deviceInfo.getApiStatus().getCode(); String message = deviceInfo.getApiStatus().getMessage(); String blackbox = deviceInfo.getBlackBox(); Log.e("TD", "code:" + code + ", message:" + message + ", blackBox:" + blackBox); } }); } catch (Exception e) { Log.e("TD", "getDeviceInfo error", e); } ... }fun register() { ... try { TDRisk.getDeviceInfo(object : TDDeviceInfoCallbackAdapter() { override fun onResult(deviceInfo: TDDeviceInfo?) { // here is in a new thread val code = deviceInfo?.apiStatus?.code ?: -1 val message = deviceInfo?.apiStatus?.message ?: "" val blackbox = deviceInfo?.blackBox ?: "" Log.e("TD", "code:$code, message:$message, blackBox:$blackBox") } }) } catch (e: Throwable) { Log.e("TD", "getDeviceInfo error", e) } ... } - If the blackBox has been successfully obtained through asynchronous method before, it can be directly obtained through synchronous method.
public void pay() { ... try { // May be time-consuming, be cautious when calling in the main thread. TDDeviceInfo deviceInfo = TDRisk.getDeviceInfo(); String blackbox = deviceInfo.getBlackBox(); } catch (Exception e) { Log.e("TD", "getDeviceInfo error", e); } ... }fun pay() { ... try { // May be time-consuming, be cautious when calling in the main thread. val deviceInfo = TDRisk.getDeviceInfo() val blackbox = deviceInfo.blackBox } catch (e: Exception) { Log.e("TD", "getDeviceInfo error", e) } ... }
- Recommend using asynchronous methods to obtain without affecting the calling thread.
Status Check
- Log will be printed in logcat while initialization successfully
TD_JAVA: TD sdk load success
TD_JAVA: TD sdk init success- getDeviceInfo() will return a 26-bit string while initialization successfully:
rGPGX1678775227I9NCwcuVJCb - getDeviceInfo() will return a string of around 5000 bits while initialization Failed, please refer to overview-definition
Other
Get SDK Version
TDRisk.getSDKVersion()TDRisk.getSDKVersion()Keep Configuration
-keep class com.trustdecision.**{*;}All Configurations
| Key | Description | Sample | Remove Field |
|---|---|---|---|
| partner(required) | Partner code, contact operator to obtain. | builder.partner("partner") | |
| appKey(required) | Application identification, please refer to | builder.appKey("appKey") | |
| dataCenter(required) | Data-center: TDRisk.DATA_CENTER_US (USA) TDRisk.DATA_CENTER_FRA (Europe) TDRisk.DATA_CENTER_SG (Singapore) TDRisk.DATA_CENTER_IDNA (Indonesia) TDRisk.DATA_CENTER_CN (China) ❗️Note: country is deprecated but still works for now. We recommend using dataCenter instead. | builder.dataCenter(TDRisk.DATA_CENTER_CN) | |
| appName | Application name, contact operator to obtain | builder.appName("appName") | |
| channel | Channel name, contact operator to obtain | builder.channel("channel") | |
| httpTimeOut | Network timeout configuration, in milliseconds, default 15000ms | builder.httpTimeOut(5000) | |
| disableOptions | Prohibit obtaining specified items |
| oaid, aid, androidId |
| disableDebugger | After configuration, it will terminate running when debugging is detected, default allowed | builder.disableDebugger() | |
| disableRunningTasks | Prohibit obtaining running tasks, default allowed | builder.disableRunningTasks() | running_packages |
| disableGPS | Prohibit collection of GPS location information, default allowed | builder.disableGPS() | ssid、wifi_list、gps_switch、latitude、longitude、gps_location |
| disableSensor | Prohibit collecting sensor information, default allowed | builder.disableSensor() | mangetic_field_sensor、gyroscope_sensor、light_sensor、accelerator_data、gravity_data |
| disableReadPhone | Prohibit collection of READPHONE STATE permission-related information, default allowed | builder.disableReadPhone() | country_iso、carrier、network_operator、sim_operator、phone_type、radio_type、device_svn |
| disableInstallPackageList | Prohibit collection of application list information, allowed default | builder.disableInstallPackageList() | installed_packages |
| customMessage | Custom messages, SDK supports transparent transmission and storage | builder.customMessage(customMessage) |
Response Result
The getDeviceInfo() function returns the response data in callback.
| Key | Description |
|---|---|
| blackBox | Call log query identifier |
| fpVersion | SDK Version |
Error Code
The corresponding values of code and message are as follows:
| Code | Message | Remarks |
|---|---|---|
| 0 | Success. | Success |
| 1000 | Access error. | Access exception occurs, possible causes: abnormal input parameters or network environment anomalies |
| 1001 | SDK error. | SDK exception occurs, possible reasons: Initialization function not called |
| 1002 | Network error. | Network Error |
| 1003 | API error. | The server returns an error |
| 1004 | Traffic limit. | Gateway current limiting return |
| 1005 | Traffic shutdown. | Traffic shutdown |
| 1100 | Unknown error. | Unknown error |
