Better Mobile App

Integrate System Integrity Check to Protect Your Apps from Unsafe Devices

Easy-to-Integrate Huawei System Integrity Check – Helping You Protect Your Apps from Unsafe Devices
Running apps on an unsafe device, for example, a rooted or unlocked device, can pose serious security risks. On an unsafe device, viruses, Trojan horses, and other malicious software may exploit the root permission to implant viruses, tamper with device information, and damage the system. Therefore, there is a real need to protect your apps from being run on unsafe devices. To meet such a need, Huawei offers Safety Detect, which provides the SysIntegrity API for system integrity check. This API can check whether a device running your app is unsafe, for example, due to the device being rooted or unlocked.
I. Service Introduction
The SysIntegrity API has the following features:
1. TEE-based system integrity check results: The API evaluates the integrity of a system during its secure boot in the Trusted Execution Environment (TEE) and will dynamically evaluate the system integrity. The check results are highly reliable.
2. Secure and reliable system integrity check results: The system integrity check results are signed using the signing certificate and cannot be tampered with.
(1) The Safety Detect SDK integrated with your app calls the SysIntegrity API.
(2) Safety Detect requests the signed check results from the Trusted Security Management Service (TSMS) server.
(3) Your app requests the check results.
II. Scenarios
Currently, developers of apps in the finance, entertainment, lifestyle, news, and other categories have integrated the SysIntegrity API into their apps.
A financial app can integrate SysIntegrity to improve transaction security. For example, the app can check whether the device is secure when a user enters the Card Verification Code (CVC) of their credit card. If the device is unsafe, the app will be stopped on the device to ensure no unsafe transactions can occur.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
A lifestyle or news app can integrate SysIntegrity to prevent malicious attacks, ensuring security of in-app operations such as payment.
A video entertainment app can integrate SysIntegrity to help protect copyrighted content. When a user registers an account on the app and watches or downloads video content, SysIntegrity can help ensure that this being done on a device that is trusted by the content provider.
III. Code Development
1 Configuring App Information in AppGallery Connect
Before you start developing an app, configure app information in AppGallery Connect.
For details, please visit https://developer.huawei.com/consumer/en/doc/HMSCore-Guides-V5/config-agc-0000001050416303-V5?ha_source=hms1
2 Configuring the Maven Repository Address for the HMS Core SDK
2.1 Open the build.gradle file in the root directory of your Android Studio project.
2.2 Add the AppGallery connect plug-in and the Maven repository.
Go to allprojects > repositories and configure the Maven repository address for the HMS Core SDK.
Code:
allprojects {
repositories {
google()
jcenter()
maven {url 'https://developer.huawei.com/repo/'}
}
}
Go to buildscript > repositories and configure the Maven repository address for the HMS Core SDK.
Code:
buildscript {
repositories {
google()
jcenter()
maven {url 'https://developer.huawei.com/repo/'}
}
}
Go to buildscript > dependencies and add dependency configurations.
Code:
buildscript{
dependencies {
classpath 'com.huawei.agconnect:agcp:1.3.1.300'
}
}
3 Creating a SafetyDetectClient Instance and Generating a Nonce Value
Code:
// Create a SafetyDetectClient instance.
SafetyDetectClient mClient = SafetyDetect.getClient(MainActivity.this);
// Generate a nonce value.
byte[] nonce = new byte[24];
try {
SecureRandom random;
if (android.os.Build.VERSION.SDK_INT >= android.os.Build.VERSION_CODES.O) {
random = SecureRandom.getInstanceStrong();
} else {
random = SecureRandom.getInstance("SHA1PRNG");
}
random.nextBytes(nonce);
} catch (NoSuchAlgorithmException e) {
Log.e(TAG, e.getMessage());
}
4 Creating a Check Result Listener
Code:
// Implement the OnSuccessListener API and obtain the check result from onSuccess
protected class SysIntegrityOnSuccessListener implements OnSuccessListener<SysIntegrityResp> {
// Obtain the system integrity check result.
@Override
public void onSuccess(SysIntegrityResp sysIntegrityResp) {
}
}
// Implement the OnFailureListener API and obtain the failure details from onFailure.
protected class SysIntegrityOnFailureListener implements OnFailureListener {
// Obtain the result code and description.
@Override
public void onFailure(Exception e) {
}
}
5 Calling the SysIntegrity API
Code:
// Call the SysIntegrity API. Replace ******** in the following code with your app ID.
Task task = mClient.sysIntegrity(nonce,"********");
task.addOnSuccessListener(new SysIntegrityOnSuccessListener()).addOnFailureListener(new SysIntegrityOnFailureListener());
6 Verifying the Check Results
For details about how to verify the check results on the server, please refer to relevant documents on the HUAWEI Developers website.
To find out more, visit the following links:
SysIntegrity API:
https://developer.huawei.com/consumer/en/doc/development/HMSCore-Guides/dysintegritydevelopment-0000001050156331?ha_source=hms1
Safety Detect development guide:
https://developer.huawei.com/consumer/en/doc/development/HMSCore-Guides/introduction-0000001050156325?ha_source=hms1
Demo and sample code on GitHub:
https://github.com/HMS-Core/hms-safetydetect-demo-android
Stack Overflow (for technical discussions):
https://stackoverflow.com/questions/tagged/huawei-mobile-services?tab=Newest

How to Obtain a List of Malicious Apps with HUAWEI Safety Detect

When there are malicious apps on a device, they can put the user’s personal information and transactions at risk. This is why HUAWEI Safety Detect provides the malicious app detection (AppsCheck) API. It enables your app to obtain a list of malicious apps installed on the user’s device, and use this to determine whether to restrict functionality such as in-app payments.
I. Service Introduction
AppsCheck in Safety Detect features in the following:
1. Detects malicious apps with an accuracy rate of 99%, according to authority.
2. Detects unknown threats based on app behavior.
The figure below illustrates the process of checking for malicious apps.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
(1) Your app, which has integrated the Safety Detect SDK, calls the AppsCheck API.
(2) The AppsCheck API returns a list of malicious apps to your app.
----End
II. Use Cases
All kinds of apps have integrated the AppsCheck API, including those in the fields of finance, tools, education, photography, news, media & entertainment. With this API, your app can obtain a list of malicious apps on the device running your app.
Example: When a user scans a QR code with your app to make a payment, your app will show the user a security warning if it detects any malicious apps on the user device.
Financial apps can integrate the AppsCheck API to ensure the security of user accounts. For example, when a user makes a payment in a financial app, the app will call the AppsCheck API to obtain a list of malicious apps on the user device. If any malicious apps are detected, the financial app will display a security warning and restrict the user's in-app operations. This means the app can protect the user's private information and finances.
Media & entertainment apps can integrate the AppsCheck API to ensure that videos are only played and downloaded on devices which do not contain any malicious apps. This prevents video piracy, makes apps more secure and efficient, and enables videos to run more smoothly.
News apps can integrate the AppsCheck API to ensure users’ accounts are secure when they read news stories or perform actions such as making in-app payments.
Demo video: Opening the demo app on a device with no malicious apps.
III. Development Procedure
1 Configuring App Information in AppGallery Connect
Before you start developing an app, configure the app information in AppGallery Connect.
For details about the procedure, please refer to HUAWEI Safety Detect Development Guide.
2 Configuring the Maven Repository Address for the HMS Core SDK
2.1 Opening the build.gradle File in the Root Directory of Your Android Studio Project
2.2 Adding the AppGallery Connect Plug-in and the Maven Repository
· Go to allprojects > repositories and configure the Maven repository address for the HMS Core SDK.
Code:
allprojects {
repositories {
google()
jcenter()
maven {url 'https://developer.huawei.com/repo/'}
}
}
· Go to buildscript > repositories and configure the Maven repository address for the HMS Core SDK.
Code:
<p style="line-height: 1.5em;">buildscript {
repositories {
google()
jcenter()
maven {url 'https://developer.huawei.com/repo/'}
}
}
</p>
· Go to buildscript > dependencies and add dependency on the AppGallery Connect plug-in.
Code:
<p style="line-height: 1.5em;">buildscript{
dependencies {
classpath 'com.huawei.agconnect:agcp:1.3.1.300'
}
}
</p>
3. Creating a SafetyDetectClient Instance
Code:
<p style="line-height: 1.5em;">// Create a SafetyDetectClient instance.
SafetyDetectClient appsCheckClient = SafetyDetect.getClient(getActivity());
}
</p>
4. Calling the AppsCheck API and Listen for the Call Result
Code:
<p style="line-height: 1.5em;">Task task = appsCheckClient.getMaliciousAppsList();
task.addOnSuccessListener(new OnSuccessListener<MaliciousAppsListResp>() {
// Obtain the malicious app check result.
@Override
public void onSuccess (MaliciousAppsListResp maliciousAppsListResp) {
}
}).addOnFailureListener(new OnFailureListener() {
// Obtain the result code and description of an exception.
@Override
public void onFailure(Exception e) {
}
});
</p>
Demo
To find out more, visit the following links:
AppsCheck API
Safety Detect Development Guide
GitHub (where you can download the demo and sample code)
Stack Overflow (where you can ask questions)

Does it works offline ?

It's very nice and reassuring.

Make Users to Update Your Application with HMS

{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
AppGalleryKit App and AppGalleryKit Game services allows to jointly operate the apps with Huawei and share revenue generated in the process. Developer will have access to Huawei’s diverse services including HUAWEI AppGallery connection, data reports, activity operations, and user operations to obtain more premium HUAWEI AppGallery resources in order to promotion purposes.
To enable AppGalleryKit App or AppGalleryKitGame operations, you need to sign the HUAWEI AppGallery Connect Distribution Service Agreement For Paid Apps with Huawei. For details about the joint operations process, please refer to Joint Operations Services at a Glance.
AppGalleryKit App and AppGalleryKit Game is a product concept derived from Account, Analytics, In-App Purchases and other kits. With AppGalleryKit App or AppGalleryKit Game, initializing the app, updating the app, implementing Account Kit is optional. But it is necessary to implementing In-App Purchases kit to use AppGalleryKit App or AppGalleryKit Game. Also it is advised that use Analytics Kit, Auth Service, Crash Service, A/B Testing and APM.
AppGalleryKitApp or AppGalleryKitGame is not pure kit integration. It is required for developers to sign AppGalleryKitApp or AppGalleryKitGame related agreements and they are derived from many features.
Initiliazing app, updating the app, Account Kit and In-App Purchases can be implemented seperately. These kits do not depend on AppGalleryKitApp or AppGalleryKitGame. But AppGalleryKitApp or AppGalleryKitGame depends on these kits.
Although we are not going to use AppGalleryKitApp or AppGalleryKit game, we can still use the update status of the application. In this article, we will check if there is an update in a demo app. Of course due to this app will not be in AppGallery market, there will not any update required.
In order to use this feature, first HMS Core is needed to be integrated to the project.
You can click this link to integrate HMS Core to your project.
Adding Dependency
After HMS Core is integrated, app-service library needs to be implemented.
Code:
implementation 'com.huawei.hms:appservice:{version}' // Currently version is 5.0.4.302
We will create a checkUpdate method and use it in onCreate. JosApps.getAppUpdateClient method, AppUpdateClient instance will be obtained. This object provides the methods related to app update. checkAppUpdate method, checks for app updates after the app is launched and initialized.
Java:
private void checkUpdate(){
AppUpdateClient client = JosApps.getAppUpdateClient(this);
client.checkAppUpdate(this, new UpdateCallBack(this));
}
We need to create a static class which is UpdateCallBack and it will implement CheckUpdateCallBack. CheckUpdateCallBack returns a result for checking for app updates. It requires onUpdateInfo, onMarketInstallInfo, onMarketStoreError and onUpdateStoreError methods are implemented.
in onUpdateInfo method, we can get status code, fail code, fail reason and other informations.
For more information you can click this link.
Code:
private static class UpdateCallBack implements CheckUpdateCallBack {
private final WeakReference<MainActivity> weakMainActivity;
private UpdateCallBack(MainActivity mainActivity) {
this.weakMainActivity = new WeakReference<>(mainActivity);
}
public void onUpdateInfo(Intent intent) {
if (intent != null) {
MainActivity mainActivity = null;
if (weakMainActivity.get() != null){
mainActivity = weakMainActivity.get();
}
int status = intent.getIntExtra(UpdateKey.STATUS, 100);
int rtnCode = intent.getIntExtra(UpdateKey.FAIL_CODE, 200);
String rtnMessage = intent.getStringExtra(UpdateKey.FAIL_REASON);
Serializable info = intent.getSerializableExtra(UpdateKey.INFO);
if (info instanceof ApkUpgradeInfo && mainActivity != null ) {
AppUpdateClient client = JosApps.getAppUpdateClient(mainActivity);
//Force Update option is selected as false.
client.showUpdateDialog(mainActivity, (ApkUpgradeInfo) info, false);
Log.i("AppGalleryKit", "checkUpdatePop success");
}
if(mainActivity != null) {
//status --> 3: constant value NO_UPGRADE_INFO, indicating that no update is available.
Log.i("AppGalleryKit","onUpdateInfo status: " + status + ", rtnCode: "
+ rtnCode + ", rtnMessage: " + rtnMessage);
}
}
}
@Override
public void onMarketInstallInfo(Intent intent) {
//onMarketInstallInfo
}
@Override
public void onMarketStoreError(int i) {
//onMarketStoreError
}
@Override
public void onUpdateStoreError(int i) {
//onUpdateStoreError
}
}
In this example, due to we do not have the application released in the market, we got a status code which is equal to 3. This indicates that for the application there is no upgrade needed.
For all status codes, you can check the below image.
For more details, you can check AppGalleryKit App and AppGalleryKit Game development guide links in reference section. Also you can download this demo application from the Github link.
Reference
AppGalleryKit App
AppGalleryKit Game
Github

Intermediate: How to Integrate Huawei Dark-Mode and App Status awareness into flutter Application

Introduction
In this article, we will learn how to implement Huawei Awareness kit features, so we can easily integrate these features in to our Flutter application. In this article we are going to take a look at the Awareness kit Capture API features such as Dark mode awareness and App status awareness.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
What is Huawei Awareness kit Service?
Huawei Awareness kit supports to get the app insight into a users’ current situation more efficiently, making it possible to deliver a smarter, more considerate user experience and it provides the users’ current time, location, behavior, audio device status, ambient light, weather, and nearby beacons, application status, and mobile theme mode.
Restrictions
1. Dark mode: It supports EMUI 10.0 or later for Huawei devices and non-Huawei devices required Android 10.0 or later (API level 29 is required).
2. App status: It supports EMUI 5.0 or later for Huawei devices and non-Huawei devices currently it is not supporting
Requirements
1. Any operating system(i.e. MacOS, Linux and Windows)
2. Any IDE with Flutter SDK installed (i.e. IntelliJ, Android Studio and VsCode etc.)
3. Minimum API Level 29 is required.
4. Required EMUI 10.0 For Dark-mode and EMUI 5.0 for App status.
How to integrate HMS Dependencies.
1. First of all, we need to create an app on AppGallery Connect and add related details about HMS Core to our project. For more information check this link
2. Enable the Awareness Kit in the Manage API section and add the plugin.
3. Add the required dependencies to the build.gradle file under root folder.
Code:
maven {url 'http://developer.huawei.com/repo/'}
classpath 'com.huawei.agconnect:agcp:1.4.1.300'
4. Now we can implement Awareness Kit plugin. To implement Awareness Kit to our app, we need to download the plugin. Follow the URL for cross-platform plugins.
5. After completing all the above steps, you need to add the required kits’ Flutter plugins as dependencies to pubspec.yaml file. You can find all the plugins in pub.dev with the latest versions.
Code:
huawei_awareness:
path: ../huawei_awareness/
After adding them, run flutter pub get command. Now all the plugins are ready to use.
Note: Set multiDexEnabled to true in the android/app directory, so the app will not crash.
Use Awareness to get the dark mode status
With Dark-mode Status Awareness, we can detect the dark mode status of the device. We can get the status using capture API.
Code:
void loadAppTheme() async {
DarkModeResponse response = await AwarenessCaptureClient.getDarkModeStatus();
bool isDarkMode = response.isDarkModeOn;
setState(() {
if (isDarkMode) {
Provider.of<ThemeChanger>(context).setTheme(darkTheme);
} else {
Provider.of<ThemeChanger>(context).setTheme(lightTheme);
}
});
}
Use Awareness to get the Application status
With Application status Awareness, we can detect whether application is in which mode like silent, running using package name.
Code:
void checkAppStatus() async {
String packName = "******************";
ApplicationResponse response =
await AwarenessCaptureClient.getApplicationStatus(
packageName: packName);
int appState = response.applicationStatus;
setState(() {
switch (appState) {
case ApplicationStatus.Unknown:
_showDialog(context, "Demo Application Not found");
print("log1" + "Application Not found");
break;
case ApplicationStatus.Silent:
_showDialog(context, "Demo Application Currently in silent mode");
print("log1" + "Application silent");
break;
case ApplicationStatus.Running:
_showDialog(context, "Demo Application Currently in Running mode");
print("log1" + "Application Running");
break;
}
});
}
Final code here
Code:
void main() {
runApp(MyApp());
}
class MyApp extends StatelessWidget {
@override
Widget build(BuildContext context) {
return ChangeNotifierProvider<ThemeChanger>(
create: (context) => ThemeChanger(ThemeData.light()),
child: new App(),
);
}
}
class App extends StatelessWidget {
@override
Widget build(BuildContext context) {
final appState = Provider.of<ThemeChanger>(context);
return MaterialApp(
title: "WellFit",
theme: appState.getTheme(),
home: Scaffold(
body: Tabs(),
),
);
}
}
ThemeNotifier class
Code:
class ThemeChanger with ChangeNotifier {
ThemeData _themeData;
ThemeChanger(this._themeData);
getTheme() => _themeData;
setTheme(ThemeData themeData) {
_themeData = themeData;
notifyListeners();
}
}
Demo
​
Tips and Tricks
1. Download latest HMS Flutter plugin.
2. Set minSDK version to 29 or later.
3. Do not forget to click pug get after adding dependencies.
4. Do not forget to set data processing location.
5. Refer this URL for supported Devices list.
Conclusion
In this article, I have covered two services Dark-mode awareness and App status Awareness.
Using Dark-mode awareness we can easily identify which theme currently we activated in settings page.
Using App Status awareness we can monitor the application in which state like silent or running these two we covered in this article.
Thanks for reading! If you enjoyed this story, please click the Like button and Follow. Feel free to leave a Comment below.
Reference
Awareness Kit URL
Original Source

Adding Custom Events in Android App KnowMyBoard Using Huawei Analytics Kit

{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Introduction
In this article, we will learn how to integrate Huawei Analytics kit in Android application KnowMyBoard. Account Kit provides seamless login functionality to the app with large user base.
Huawei Analytics kit provides very easy and convenient way to add custom events, custom events can be used to meet personalized analysis requirements that cannot be met by automatically collected events or predefined events. Analytics Kit allows you to customize events and extend event parameters, or add personalized parameters for predefined events.
Supported Devices
Restrictions
Number of events: A maximum of 500 events are supported.
Number of event parameters: You can register a maximum of 25 parameters for each event, and a maximum of 500 event parameters for each project.
Development Overview
You need to install Android Studio IDE and I assume that you have prior knowledge of Android application development.
Hardware Requirements
A computer (desktop or laptop) running Windows 10.
Android phone (with the USB cable), which is used for debugging.
Software Requirements
Java JDK 1.8 or later.
Android Studio software or Visual Studio or Code installed.
HMS Core (APK) 4.X or later
Integration steps
Step 1. Huawei developer account and complete identity verification in Huawei developer website, refer to register Huawei ID.
Step 2. Create project in AppGallery Connect
Step 3. Adding HMS Core SDK
Let's start coding
How to Add Custom Event in AGC?
Login to AppGallery Connect Console, select projects and choose your project and navigate to Events
How to initialize Analytics Kit?
[/B]
public class MyApplication extends Application {
public static Activity myactivity;
static HiAnalyticsInstance instanceAnalytics;
@Override
public void onCreate() {
super.onCreate();
MLApplication.initialize(this);
//initialize Analytics Kit
instanceAnalytics = HiAnalytics.getInstance(this);
MLApplication.getInstance().setApiKey(Constants.API_KEY);
MapsInitializer.setApiKey(Constants.API_KEY);
}
public static HiAnalyticsInstance getAnalyticsInstance(){
return instanceAnalytics;
}
public static void setActivity(Activity activity) {
myactivity= activity;
}
public static Activity getActivity() {
return myactivity;
}
}
[B]
How to send Custom Events?
[/B][/B]
private void sendEvent(String eventName,String eventType) {
Bundle bundle = new Bundle();
bundle.putString(eventType,eventType);
bundle.putString( "event_time", getTime());
MyApplication.getAnalyticsInstance().onEvent(eventName, bundle);
}
[B][B]
Result
Tricks and Tips
Makes sure that agconnect-services.json file added.
Make sure required dependencies are added
Make sure that service is enabled in AGC
Enable data binding in gradle.build file
Enable debug mode to see events details in get App debugging hit this command in terminal
adb shell setprop debug.huawei.hms.analytics.app pkg_name
Conclusion
Finally, we have learnt how to integrate Huawei Analytics kit in Android application KnowMyBoard. You can check the desired result in the result section. You can also go through previous article part-5 here. Hoping Huawei Analytics kit capabilities are helpful to you as well, like this sample, you can make use as per your requirement.
Thank you so much for reading. I hope this article helps you to understand the integration of Huawei Analytics kit in Android application KnowMyBoard.
Reference
Huawei Analytics Kit — Training video
Checkout in forum