Block use of older versions of illegally downloaded app (APK)
I have a paid application that in the old version did not verify the license of the play store and I have now discovered that there are some sites that illegally download the APK from an old version where users can install and access my database in the firebase. (without paying for the download)
The database in firebase (realtime database) has already been blocked access through the rules, but as the app uses set persistent on then the fraudulent users are still using the app (I can see in firebase analytics) .
Any idea how to block old versions, or force these versions to not work to prevent these users from being able to use the app?
android firebase-realtime-database google-play-console
add a comment |
I have a paid application that in the old version did not verify the license of the play store and I have now discovered that there are some sites that illegally download the APK from an old version where users can install and access my database in the firebase. (without paying for the download)
The database in firebase (realtime database) has already been blocked access through the rules, but as the app uses set persistent on then the fraudulent users are still using the app (I can see in firebase analytics) .
Any idea how to block old versions, or force these versions to not work to prevent these users from being able to use the app?
android firebase-realtime-database google-play-console
If disk persistence in the app is enabled, they'll only be able to access data that they've already downloaded. I don't think there's much Firebase can do, aside from what I mentioned here: stackoverflow.com/questions/50429782/…
– Frank van Puffelen
Nov 23 '18 at 5:55
Thanks for the answer. Maybe if I create a new SHA-1 key for new users and remove the old key from firebase, will persistence continue to work or will it crash? Too risky to punish legitimate users?
– Itapox
Nov 23 '18 at 6:12
add a comment |
I have a paid application that in the old version did not verify the license of the play store and I have now discovered that there are some sites that illegally download the APK from an old version where users can install and access my database in the firebase. (without paying for the download)
The database in firebase (realtime database) has already been blocked access through the rules, but as the app uses set persistent on then the fraudulent users are still using the app (I can see in firebase analytics) .
Any idea how to block old versions, or force these versions to not work to prevent these users from being able to use the app?
android firebase-realtime-database google-play-console
I have a paid application that in the old version did not verify the license of the play store and I have now discovered that there are some sites that illegally download the APK from an old version where users can install and access my database in the firebase. (without paying for the download)
The database in firebase (realtime database) has already been blocked access through the rules, but as the app uses set persistent on then the fraudulent users are still using the app (I can see in firebase analytics) .
Any idea how to block old versions, or force these versions to not work to prevent these users from being able to use the app?
android firebase-realtime-database google-play-console
android firebase-realtime-database google-play-console
edited Nov 23 '18 at 6:43
asked Nov 23 '18 at 5:39
Itapox
148214
148214
If disk persistence in the app is enabled, they'll only be able to access data that they've already downloaded. I don't think there's much Firebase can do, aside from what I mentioned here: stackoverflow.com/questions/50429782/…
– Frank van Puffelen
Nov 23 '18 at 5:55
Thanks for the answer. Maybe if I create a new SHA-1 key for new users and remove the old key from firebase, will persistence continue to work or will it crash? Too risky to punish legitimate users?
– Itapox
Nov 23 '18 at 6:12
add a comment |
If disk persistence in the app is enabled, they'll only be able to access data that they've already downloaded. I don't think there's much Firebase can do, aside from what I mentioned here: stackoverflow.com/questions/50429782/…
– Frank van Puffelen
Nov 23 '18 at 5:55
Thanks for the answer. Maybe if I create a new SHA-1 key for new users and remove the old key from firebase, will persistence continue to work or will it crash? Too risky to punish legitimate users?
– Itapox
Nov 23 '18 at 6:12
If disk persistence in the app is enabled, they'll only be able to access data that they've already downloaded. I don't think there's much Firebase can do, aside from what I mentioned here: stackoverflow.com/questions/50429782/…
– Frank van Puffelen
Nov 23 '18 at 5:55
If disk persistence in the app is enabled, they'll only be able to access data that they've already downloaded. I don't think there's much Firebase can do, aside from what I mentioned here: stackoverflow.com/questions/50429782/…
– Frank van Puffelen
Nov 23 '18 at 5:55
Thanks for the answer. Maybe if I create a new SHA-1 key for new users and remove the old key from firebase, will persistence continue to work or will it crash? Too risky to punish legitimate users?
– Itapox
Nov 23 '18 at 6:12
Thanks for the answer. Maybe if I create a new SHA-1 key for new users and remove the old key from firebase, will persistence continue to work or will it crash? Too risky to punish legitimate users?
– Itapox
Nov 23 '18 at 6:12
add a comment |
2 Answers
2
active
oldest
votes
Store a data about your update in your firebase database. when a user opens your app then you should check that data to validate updated app. Sure u can do much more with logic. You can store version code as they are always unique.
I already use access rules that are blocking the read / update of the database of these versions, but because persistence is enabled, users who already have data previously downloaded continue to use the app. I would like to find some solution to prevent the use of these versions (crash) or to clean the database of these old versions.
– Itapox
Nov 23 '18 at 6:33
add a comment |
I'm afraid that you need code in your app to do this, and once you have launched, you can't go back and change your code. For this app you are probably stuck.
In the future, using a product like Firebase Remote Config to have a "please update" switch in your app that you can control from the cloud is probably a good idea.
I agree and already use Firebase Remote Config in recent versions, I also use LicenseChecker from market_licensing (developer.android.com/google/play/licensing/setting-up), as well as access rules in realtime-database. Thanks for the answer.
– Itapox
Nov 26 '18 at 18:06
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53441165%2fblock-use-of-older-versions-of-illegally-downloaded-app-apk%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
Store a data about your update in your firebase database. when a user opens your app then you should check that data to validate updated app. Sure u can do much more with logic. You can store version code as they are always unique.
I already use access rules that are blocking the read / update of the database of these versions, but because persistence is enabled, users who already have data previously downloaded continue to use the app. I would like to find some solution to prevent the use of these versions (crash) or to clean the database of these old versions.
– Itapox
Nov 23 '18 at 6:33
add a comment |
Store a data about your update in your firebase database. when a user opens your app then you should check that data to validate updated app. Sure u can do much more with logic. You can store version code as they are always unique.
I already use access rules that are blocking the read / update of the database of these versions, but because persistence is enabled, users who already have data previously downloaded continue to use the app. I would like to find some solution to prevent the use of these versions (crash) or to clean the database of these old versions.
– Itapox
Nov 23 '18 at 6:33
add a comment |
Store a data about your update in your firebase database. when a user opens your app then you should check that data to validate updated app. Sure u can do much more with logic. You can store version code as they are always unique.
Store a data about your update in your firebase database. when a user opens your app then you should check that data to validate updated app. Sure u can do much more with logic. You can store version code as they are always unique.
answered Nov 23 '18 at 6:23
Shahadat Hossain Shaki
441311
441311
I already use access rules that are blocking the read / update of the database of these versions, but because persistence is enabled, users who already have data previously downloaded continue to use the app. I would like to find some solution to prevent the use of these versions (crash) or to clean the database of these old versions.
– Itapox
Nov 23 '18 at 6:33
add a comment |
I already use access rules that are blocking the read / update of the database of these versions, but because persistence is enabled, users who already have data previously downloaded continue to use the app. I would like to find some solution to prevent the use of these versions (crash) or to clean the database of these old versions.
– Itapox
Nov 23 '18 at 6:33
I already use access rules that are blocking the read / update of the database of these versions, but because persistence is enabled, users who already have data previously downloaded continue to use the app. I would like to find some solution to prevent the use of these versions (crash) or to clean the database of these old versions.
– Itapox
Nov 23 '18 at 6:33
I already use access rules that are blocking the read / update of the database of these versions, but because persistence is enabled, users who already have data previously downloaded continue to use the app. I would like to find some solution to prevent the use of these versions (crash) or to clean the database of these old versions.
– Itapox
Nov 23 '18 at 6:33
add a comment |
I'm afraid that you need code in your app to do this, and once you have launched, you can't go back and change your code. For this app you are probably stuck.
In the future, using a product like Firebase Remote Config to have a "please update" switch in your app that you can control from the cloud is probably a good idea.
I agree and already use Firebase Remote Config in recent versions, I also use LicenseChecker from market_licensing (developer.android.com/google/play/licensing/setting-up), as well as access rules in realtime-database. Thanks for the answer.
– Itapox
Nov 26 '18 at 18:06
add a comment |
I'm afraid that you need code in your app to do this, and once you have launched, you can't go back and change your code. For this app you are probably stuck.
In the future, using a product like Firebase Remote Config to have a "please update" switch in your app that you can control from the cloud is probably a good idea.
I agree and already use Firebase Remote Config in recent versions, I also use LicenseChecker from market_licensing (developer.android.com/google/play/licensing/setting-up), as well as access rules in realtime-database. Thanks for the answer.
– Itapox
Nov 26 '18 at 18:06
add a comment |
I'm afraid that you need code in your app to do this, and once you have launched, you can't go back and change your code. For this app you are probably stuck.
In the future, using a product like Firebase Remote Config to have a "please update" switch in your app that you can control from the cloud is probably a good idea.
I'm afraid that you need code in your app to do this, and once you have launched, you can't go back and change your code. For this app you are probably stuck.
In the future, using a product like Firebase Remote Config to have a "please update" switch in your app that you can control from the cloud is probably a good idea.
answered Nov 26 '18 at 9:59
Nick Fortescue
5,4391422
5,4391422
I agree and already use Firebase Remote Config in recent versions, I also use LicenseChecker from market_licensing (developer.android.com/google/play/licensing/setting-up), as well as access rules in realtime-database. Thanks for the answer.
– Itapox
Nov 26 '18 at 18:06
add a comment |
I agree and already use Firebase Remote Config in recent versions, I also use LicenseChecker from market_licensing (developer.android.com/google/play/licensing/setting-up), as well as access rules in realtime-database. Thanks for the answer.
– Itapox
Nov 26 '18 at 18:06
I agree and already use Firebase Remote Config in recent versions, I also use LicenseChecker from market_licensing (developer.android.com/google/play/licensing/setting-up), as well as access rules in realtime-database. Thanks for the answer.
– Itapox
Nov 26 '18 at 18:06
I agree and already use Firebase Remote Config in recent versions, I also use LicenseChecker from market_licensing (developer.android.com/google/play/licensing/setting-up), as well as access rules in realtime-database. Thanks for the answer.
– Itapox
Nov 26 '18 at 18:06
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53441165%2fblock-use-of-older-versions-of-illegally-downloaded-app-apk%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
If disk persistence in the app is enabled, they'll only be able to access data that they've already downloaded. I don't think there's much Firebase can do, aside from what I mentioned here: stackoverflow.com/questions/50429782/…
– Frank van Puffelen
Nov 23 '18 at 5:55
Thanks for the answer. Maybe if I create a new SHA-1 key for new users and remove the old key from firebase, will persistence continue to work or will it crash? Too risky to punish legitimate users?
– Itapox
Nov 23 '18 at 6:12