I have a website which supplies data to a mobile app.
Is there a way to identify myApp vs a cloned App?
So that I can block access of any cloned App.
On first-time APP usage, I generate an APP ID, PASS CODE & Access URL.
I change the PASS CODE frequently, but how can I identify myAPP on the first access, so as to be sure that I am issuing the APP ID & PASS CODE to my own APP only?
What sort of encryption can I use for the first-time access?
You can have a hardcoded key in your app code that only your server knows. Use it to create a hash signature, like md5(concat(key, deviceId)). When the requests arrive at your application server, you can do the same and compare the results. The cloner can't discover this key by sniffing your app requests. The only way to get it is by disassembling it, but it's much harder.
This is a simple suggestion, though. If you want a more sophisticated solution, check the HMAC wiki.
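
The scheme from the answer above next to the HMAC variant it points to, as an added example that is not part of the original answer. `APP_KEY`, the device id values, the timestamp field and the 300-second freshness window are assumptions made for the illustration.

```python
import hashlib
import hmac
import time

# Constructed demo key (assumption). A real key is random and, as the answer
# notes, can still be recovered by disassembling the app.
APP_KEY = b"demo-key-not-for-production"
MAX_SKEW_SECONDS = 300  # assumed freshness window, limits reuse of a captured request


def md5_signature(key: bytes, device_id: str) -> str:
    """The answer's md5(concat(key, deviceId)) scheme, shown for comparison."""
    return hashlib.md5(key + device_id.encode()).hexdigest()


def hmac_signature(key: bytes, device_id: str, timestamp: int) -> str:
    """HMAC-SHA256 over a length-prefixed device id followed by a timestamp."""
    dev = device_id.encode()
    # The length prefix keeps the field boundary unambiguous.
    msg = len(dev).to_bytes(4, "big") + dev + timestamp.to_bytes(8, "big")
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def verify_first_access(device_id, timestamp, signature, now=None, key=APP_KEY):
    """Server side: recompute the signature and compare in constant time."""
    now = int(time.time()) if now is None else now
    if abs(now - timestamp) > MAX_SKEW_SECONDS:
        return False  # stale or future-dated request
    expected = hmac_signature(key, device_id, timestamp)
    # Compare as bytes so a malformed (non-ASCII) signature is rejected, not raised.
    return hmac.compare_digest(expected.encode(), signature.encode())


if __name__ == "__main__":
    ts = int(time.time())
    sig = hmac_signature(APP_KEY, "device-1234", ts)  # what the app would send
    print(verify_first_access("device-1234", ts, sig))
    print(verify_first_access("device-9999", ts, sig))
    print(verify_first_access("device-1234", ts - 3600, sig, now=ts))
```

The server issues the APP ID and PASS CODE only when `verify_first_access` returns True. This proves knowledge of the embedded key, not that the binary is unmodified.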