Is there a unique Android device ID?
Asked Answered
B

54

3091

Do Android devices have a unique ID, and if so, what is a simple way to access it using Java?

Budwig answered 7/5, 2010 at 0:47 Comment(1)
If you're using ANDROID_ID be sure to read this answer and this bug.Yacano
F
2246

Settings.Secure#ANDROID_ID returns the Android ID as an unique for each user 64-bit hex string.

import android.provider.Settings.Secure;

private String android_id = Secure.getString(getContext().getContentResolver(),
                                                        Secure.ANDROID_ID);

Also read Best practices for unique identifiers: https://developer.android.com/training/articles/user-data-ids

Fechter answered 7/5, 2010 at 0:49 Comment(12)
It's known to be null sometimes, it's documented as "can change upon factory reset". Use at your own risk, and it can be easily changed on a rooted phone.Jordain
groups.google.com/group/android-developers/browse_thread/thread/…Galvanoscope
I think we need to be careful about using ANDROID_ID in hash in first answer about because it may not be set when app is first run, may be set later, or may even change in theory, hence unique ID may changeMelvamelvena
Be aware there are huge limitations with this solution: android-developers.blogspot.com/2011/03/…Cardiology
this ANDROID_ID is Only for Android Tab if you can run in phone then you will get null if you will run in Tab then you can get Unique ID.-GirishColotomy
ANDROID_ID no longer uniquely identifies a device (as of 4.2): https://mcmap.net/q/11178/-implications-of-android-multiple-user-support-new-in-4-2-for-server-side-data-model-e-g-android_idPredecessor
It seems this can also change if a user clears Play Services cached data. androidpolice.com/2013/11/20/… hints to "Doing this changes the primary ID by which Google knows your device. As far as the servers are concerned, the device was basically factory reset." which im assuming is the ANDROID_ID - I cant replicate this in testing however - worth being aware of anyhow...Leastways
Android O will change this android-developers.googleblog.com/2017/04/…Pauperize
Android Lint is saying "Using getString to get device identifiers is not recommended. Inspection info:Using these device identifiers is not recommended other than for high value fraud prevention and advanced telephony use-cases. For advertising use-cases, use AdvertisingIdClient$Info#getId and for analytics, use InstanceId#getId.Ulster
This id changes with the change of keystore file. I was looking for something more unique. An id that remains constant for a single device.Kessel
@SyedArsalanKazmi i chosen fcm tokenDetrain
This answer is not corecct as this value changes when the apk signature changes as of android 8Lipoprotein
A
1193

UPDATE: As of recent versions of Android, many of the issues with ANDROID_ID have been resolved, and I believe this approach is no longer necessary. Please take a look at Anthony's answer.

Full disclosure: my app used the below approach originally but no longer uses this approach, and we now use the approach outlined in the Android Developer Blog entry that emmby's answer links to (namely, generating and saving a UUID#randomUUID()).


There are many answers to this question, most of which will only work "some" of the time, and unfortunately, that's not good enough.

Based on my tests of devices (all phones, at least one of which is not activated):

  1. All devices tested returned a value for TelephonyManager.getDeviceId()
  2. All GSM devices (all tested with a SIM) returned a value for TelephonyManager.getSimSerialNumber()
  3. All CDMA devices returned null for getSimSerialNumber() (as expected)
  4. All devices with a Google account added returned a value for ANDROID_ID
  5. All CDMA devices returned the same value (or derivation of the same value) for both ANDROID_ID and TelephonyManager.getDeviceId() -- as long as a Google account has been added during setup.
  6. I did not yet have a chance to test GSM devices with no SIM, a GSM device with no Google account added, or any of the devices in airplane mode.

So if you want something unique to the device itself, TM.getDeviceId() should be sufficient. Obviously, some users are more paranoid than others, so it might be useful to hash 1 or more of these identifiers, so that the string is still virtually unique to the device, but does not explicitly identify the user's actual device. For example, using String.hashCode(), combined with a UUID:

final TelephonyManager tm = (TelephonyManager) getBaseContext().getSystemService(Context.TELEPHONY_SERVICE);

final String tmDevice, tmSerial, androidId;
tmDevice = "" + tm.getDeviceId();
tmSerial = "" + tm.getSimSerialNumber();
androidId = "" + android.provider.Settings.Secure.getString(getContentResolver(), android.provider.Settings.Secure.ANDROID_ID);

UUID deviceUuid = new UUID(androidId.hashCode(), ((long)tmDevice.hashCode() << 32) | tmSerial.hashCode());
String deviceId = deviceUuid.toString();

might result in something like: 00000000-54b3-e7c7-0000-000046bffd97

It works well enough for me.

As Richard mentions below, don't forget that you need permission to read the TelephonyManager properties, so add this to your manifest:

<uses-permission android:name="android.permission.READ_PHONE_STATE" />

import libraries

import android.content.Context;
import android.telephony.TelephonyManager;
import android.view.View;
Alien answered 17/5, 2010 at 22:12 Comment(12)
Telephony-based ID won't be there on tablet devices, neh?Jordain
Hence why I said most won't work all the time :) I've yet to see any answer to this question that is reliable for all devices, all device types, and all hardware configurations. That's why this question is here to begin with. It's pretty clear that there is no end-all-be-all solution to this. Individual device manufacturers may have device serial numbers, but those are not exposed for us to use, and it is not a requirement. Thus we're left with what is available to us.Alien
The code sample works great. Remember to add <uses-permission android:name="android.permission.READ_PHONE_STATE" /> to the manifest file. If storing in a database, the returned string is 36 characters long.Dees
Be aware there are huge limitations with this solution: android-developers.blogspot.com/2011/03/…Cardiology
This answer is outdated and should not be used. Don't track devices, track installations!Autolycus
@softarn: I believe what you're referring to is the Android Developer Blog that emmby already linked to, which explains what you are trying to say, so perhaps you should have simply upvoted his comment instead. Either way, as emmby mentions in his answer, there are still problems even with the blog info. The question asks for a unique DEVICE identifier (not installation identifier), so I disagree with your statement. The blog is making an assumption that what you want is not necessarily to track the device, whereas the question asks for just that. I agree with the blog otherwise.Alien
I think there is one serious flaw in this method. This depends on SIM card information, users sometimes switch to Airplane mode = no SIM connected. You need to have a fallback mechanism in this scenario, probably to take the Android ID.Poisonous
@Daniel Novak: fair point. For my case, it wasn't relevant because the id is used in API communication, so Airplane mode = no app :) We also designed it this way so that, e.g., if the user swaps SIM cards, we intentionally wanted the "device id" to be different. Obviously that won't be the case for everyone, so thanks for pointing it out.Alien
I'm a bit surprised that noone's brought this one up yet, but the code example can be really unfortunate in some circumstances - it will return a different ID depending on whether the phone is, for example, in flight mode or not, since the simSerialNumber will be null if the device gsm network is switched off. If you have an app that relies on a unique id, but only needs internet, not necessarily network, it might be best to ensure that the code always returns the same ID regardless of the current phone's network status.Webber
I have used this code for 6 month. It does not generate a unique ID. I do not recommend all of you to use this code. Currently I am using the code from this post: https://mcmap.net/q/11063/-is-there-a-unique-android-device-idGileadite
I would strongly recommend you don't use this code. It has several critical bugs: Firstly, both telephony and Android ID aren't guaranteed to exist, and if both don't exist your devices will be mapped according to their model alone. Secondly, and more important, when you use the Android ID's hash code you turn a 64bit string representation of a number to a 32 bit number, and thus you lose a lot of the uniqueness.Chockablock
The IMEI Id can no longer work for android 10 and aboveAirwaves
I
472

#Last Updated: 6/2/15


After reading every Stack Overflow post about creating a unique ID, the Google developer blog, and Android documentation, I feel as if the 'Pseudo ID' is the best possible option.

Main Issue: Hardware vs Software

Hardware

  • Users can change their hardware, Android tablet, or phone, so unique IDs based on hardware are not good ideas for TRACKING USERS
  • For TRACKING HARDWARE, this is a great idea

Software

  • Users can wipe/change their ROM if they are rooted
  • You can track users across platforms (iOS, Android, Windows, and Web)
  • The best want to TRACK AN INDIVIDUAL USER with their consent is to simply have them login (make this seamless using OAuth)

#Overall breakdown with Android

###- Guarantee uniqueness (include rooted devices) for API >= 9/10 (99.5% of Android devices) ###- No extra permissions

Psuedo code:

if API >= 9/10: (99.5% of devices)

return unique ID containing serial id (rooted devices may be different)

else

return the unique ID of build information (may overlap data - API < 9)

Thanks to @stansult for posting all of our options (in this Stack Overflow question).

##List of options - reasons why/ why not to use them:

  • User Email - Software

  • User could change email - HIGHLY unlikely

  • API 5+ <uses-permission android:name="android.permission.GET_ACCOUNTS" /> or

  • API 14+ <uses-permission android:name="android.permission.READ_PROFILE" /> <uses-permission android:name="android.permission.READ_CONTACTS" /> (How to get the Android device's primary e-mail address)

  • User Phone Number - Software

  • Users could change phone numbers - HIGHLY unlikely

  • <uses-permission android:name="android.permission.READ_PHONE_STATE" />

  • IMEI - Hardware (only phones, needs android.permission.READ_PHONE_STATE)

  • Most users hate the fact that it says "Phone Calls" in the permission. Some users give bad ratings because they believe you are simply stealing their personal information when all you really want to do is track device installs. It is obvious that you are collecting data.

  • <uses-permission android:name="android.permission.READ_PHONE_STATE" />

  • Android ID - Hardware (can be null, can change upon factory reset, can be altered on a rooted device)

  • Since it can be 'null', we can check for 'null' and change its value, but this means it will no longer be unique.

  • If you have a user with a factory reset device, the value may have changed or altered on the rooted device so there may be duplicates entries if you are tracking user installs.

  • WLAN MAC Address - Hardware (needs android.permission.ACCESS_WIFI_STATE)

  • This could be the second-best option, but you are still collecting and storing a unique identifier that comes directly from a user. This is obvious that you are collecting data.

  • <uses-permission android:name="android.permission.ACCESS_WIFI_STATE "/>

  • Bluetooth MAC Address - Hardware (devices with Bluetooth, needs android.permission.BLUETOOTH)

  • Most applications on the market do not use Bluetooth, and so if your application doesn't use Bluetooth and you are including this, the user could become suspicious.

  • <uses-permission android:name="android.permission.BLUETOOTH "/>

  • Pseudo-Unique ID - Software (for all Android devices)

  • Very possible, may contain collisions - See my method posted below!

  • This allows you to have an 'almost unique' ID from the user without taking anything that is private. You can create your own anonymous ID from device information.


I know there isn't any 'perfect' way of getting a unique ID without using permissions; however, sometimes we only really need to track the device installation. When it comes to creating a unique ID, we can create a 'pseudo unique id' based solely on information that the Android API gives us without using extra permissions. This way, we can show the user respect and try to offer a good user experience as well.

With a pseudo-unique id, you really only run into the fact that there may be duplicates based on the fact that there are similar devices. You can tweak the combined method to make it more unique; however, some developers need to track device installs and this will do the trick or performance based on similar devices.

##API >= 9:

If their Android device is API 9 or over, this is guaranteed to be unique because of the 'Build.SERIAL' field.

REMEMBER, you are technically only missing out on around 0.5% of users who have API < 9. So you can focus on the rest: This is 99.5% of the users!

##API < 9:

If the user's Android device is lower than API 9; hopefully, they have not done a factory reset and their 'Secure.ANDROID_ID' will be preserved or not 'null'. (see http://developer.android.com/about/dashboards/index.html)

##If all else fails:

If all else fails, if the user does have lower than API 9 (lower than Gingerbread), has reset their device, or 'Secure.ANDROID_ID' returns 'null', then simply the ID returned will be solely based on their Android device information. This is where the collisions can happen.

Changes:

  • Removed 'Android.SECURE_ID' because factory resets could cause the value to change
  • Edited the code to change on API
  • Changed the Pseudo

Please take a look at the method below:

/**
 * Return pseudo unique ID
 * @return ID
 */
public static String getUniquePsuedoID() {
    // If all else fails, if the user does have lower than API 9 (lower
    // than Gingerbread), has reset their device or 'Secure.ANDROID_ID'
    // returns 'null', then simply the ID returned will be solely based
    // off their Android device information. This is where the collisions
    // can happen.
    // Thanks http://www.pocketmagic.net/?p=1662!
    // Try not to use DISPLAY, HOST or ID - these items could change.
    // If there are collisions, there will be overlapping data
    String m_szDevIDShort = "35" + (Build.BOARD.length() % 10) + (Build.BRAND.length() % 10) + (Build.CPU_ABI.length() % 10) + (Build.DEVICE.length() % 10) + (Build.MANUFACTURER.length() % 10) + (Build.MODEL.length() % 10) + (Build.PRODUCT.length() % 10);

    // Thanks to @Roman SL!
    // https://mcmap.net/q/11063/-is-there-a-unique-android-device-id
    // Only devices with API >= 9 have android.os.Build.SERIAL
    // http://developer.android.com/reference/android/os/Build.html#SERIAL
    // If a user upgrades software or roots their device, there will be a duplicate entry
    String serial = null;
    try {
        serial = android.os.Build.class.getField("SERIAL").get(null).toString();

        // Go ahead and return the serial for api => 9
        return new UUID(m_szDevIDShort.hashCode(), serial.hashCode()).toString();
    } catch (Exception exception) {
        // String needs to be initialized
        serial = "serial"; // some value
    }

    // Thanks @Joe!
    // https://mcmap.net/q/11063/-is-there-a-unique-android-device-id
    // Finally, combine the values we have found by using the UUID class to create a unique identifier
    return new UUID(m_szDevIDShort.hashCode(), serial.hashCode()).toString();
}

#New (for apps with ads AND Google Play Services):

From the Google Play Developer's console:

Beginning August 1st, 2014, the Google Play Developer Program Policy requires all-new app uploads and updates to use the advertising ID in lieu of any other persistent identifiers for any advertising purposes. Learn more

Implementation:

Permission:

<uses-permission android:name="android.permission.INTERNET" />

Code:

import com.google.android.gms.ads.identifier.AdvertisingIdClient;
import com.google.android.gms.ads.identifier.AdvertisingIdClient.Info;
import com.google.android.gms.common.GooglePlayServicesAvailabilityException;
import com.google.android.gms.common.GooglePlayServicesNotAvailableException;
import java.io.IOException;
...

// Do not call this function from the main thread. Otherwise, 
// an IllegalStateException will be thrown.
public void getIdThread() {

  Info adInfo = null;
  try {
    adInfo = AdvertisingIdClient.getAdvertisingIdInfo(mContext);

  } catch (IOException exception) {
    // Unrecoverable error connecting to Google Play services (e.g.,
    // the old version of the service doesn't support getting AdvertisingId).
 
  } catch (GooglePlayServicesAvailabilityException exception) {
    // Encountered a recoverable error connecting to Google Play services. 

  } catch (GooglePlayServicesNotAvailableException exception) {
    // Google Play services is not available entirely.
  }
  final String id = adInfo.getId();
  final boolean isLAT = adInfo.isLimitAdTrackingEnabled();
}

Source/Docs:

http://developer.android.com/google/play-services/id.html http://developer.android.com/reference/com/google/android/gms/ads/identifier/AdvertisingIdClient.html

##Important:

It is intended that the advertising ID completely replace existing usage of other identifiers for ads purposes (such as the use of ANDROID_ID in Settings.Secure) when Google Play Services is available. Cases where Google Play Services is unavailable are indicated by a GooglePlayServicesNotAvailableException being thrown by getAdvertisingIdInfo().

##Warning, users can reset:

http://en.kioskea.net/faq/34732-android-reset-your-advertising-id

I have tried to reference every link that I took information from. If you are missing and need to be included, please comment!

Google Player Services InstanceID

https://developers.google.com/instance-id/

Inconsequential answered 12/7, 2013 at 23:58 Comment(3)
i used your method in my app for sending comments. i have bad news. unfortunately PsuedoID isn't unique completely. my server recorded more than 100 for 5 ID and more than 30 for almost 30 ID. the most repeated IDs are 'ffffffff-fc8f-6093-ffff-ffffd8' (159 record) and 'ffffffff-fe99-b334-ffff-ffffef' (154 time). also based on time and comments it's obvious there are different peoples. the total records until now is 10,000. please let me know why this happened. tanks.Araminta
I wrote this 1.5+ years ago. I am not sure why it is not unique for you. You can try the advertising ID. If not, you can come up with your own solution.Inconsequential
why so hard to get the unique id with a simple without collision anyway? just use Pseudo-Unique ID - Software + date (hhmmss) it's no collision. the longer the combination the higher difficulties rate applied.Gnawing
C
355

As Dave Webb mentions, the Android Developer Blog has an article that covers this. Their preferred solution is to track app installs rather than devices, and that will work well for most use cases. The blog post will show you the necessary code to make that work, and I recommend you check it out.

However, the blog post goes on to discuss solutions if you need a device identifier rather than an app installation identifier. I spoke with someone at Google to get some additional clarification on a few items in the event that you need to do so. Here's what I discovered about device identifiers that's NOT mentioned in the aforementioned blog post:

  • ANDROID_ID is the preferred device identifier. ANDROID_ID is perfectly reliable on versions of Android <=2.1 or >=2.3. Only 2.2 has the problems mentioned in the post.
  • Several devices by several manufacturers are affected by the ANDROID_ID bug in 2.2.
  • As far as I've been able to determine, all affected devices have the same ANDROID_ID, which is 9774d56d682e549c. Which is also the same device id reported by the emulator, btw.
  • Google believes that OEMs have patched the issue for many or most of their devices, but I was able to verify that as of the beginning of April 2011, at least, it's still quite easy to find devices that have the broken ANDROID_ID.

Based on Google's recommendations, I implemented a class that will generate a unique UUID for each device, using ANDROID_ID as the seed where appropriate, falling back on TelephonyManager.getDeviceId() as necessary, and if that fails, resorting to a randomly generated unique UUID that is persisted across app restarts (but not app re-installations).

Note that for devices that have to fallback on the device ID, the unique ID WILL persist across factory resets. This is something to be aware of. If you need to ensure that a factory reset will reset your unique ID, you may want to consider falling back directly to the random UUID instead of the device ID.

Again, this code is for a device ID, not an app installation ID. For most situations, an app installation ID is probably what you're looking for. But if you do need a device ID, then the following code will probably work for you.

import android.content.Context;
import android.content.SharedPreferences;
import android.provider.Settings.Secure;
import android.telephony.TelephonyManager;

import java.io.UnsupportedEncodingException;
import java.util.UUID;

public class DeviceUuidFactory {

    protected static final String PREFS_FILE = "device_id.xml";
    protected static final String PREFS_DEVICE_ID = "device_id";
    protected volatile static UUID uuid;

    public DeviceUuidFactory(Context context) {
        if (uuid == null) {
            synchronized (DeviceUuidFactory.class) {
                if (uuid == null) {
                    final SharedPreferences prefs = context
                            .getSharedPreferences(PREFS_FILE, 0);
                    final String id = prefs.getString(PREFS_DEVICE_ID, null);
                    if (id != null) {
                        // Use the ids previously computed and stored in the
                        // prefs file
                        uuid = UUID.fromString(id);
                    } else {
                        final String androidId = Secure.getString(
                            context.getContentResolver(), Secure.ANDROID_ID);
                        // Use the Android ID unless it's broken, in which case
                        // fallback on deviceId,
                        // unless it's not available, then fallback on a random
                        // number which we store to a prefs file
                        try {
                            if (!"9774d56d682e549c".equals(androidId)) {
                                uuid = UUID.nameUUIDFromBytes(androidId
                                        .getBytes("utf8"));
                            } else {
                                final String deviceId = (
                                    (TelephonyManager) context
                                    .getSystemService(Context.TELEPHONY_SERVICE))
                                    .getDeviceId();
                                uuid = deviceId != null ? UUID
                                    .nameUUIDFromBytes(deviceId
                                            .getBytes("utf8")) : UUID
                                    .randomUUID();
                            }
                        } catch (UnsupportedEncodingException e) {
                            throw new RuntimeException(e);
                        }
                        // Write the value out to the prefs file
                        prefs.edit()
                                .putString(PREFS_DEVICE_ID, uuid.toString())
                                .commit();
                    }
                }
            }
        }
    }

    /**
     * Returns a unique UUID for the current android device. As with all UUIDs,
     * this unique ID is "very highly likely" to be unique across all Android
     * devices. Much more so than ANDROID_ID is.
     * 
     * The UUID is generated by using ANDROID_ID as the base key if appropriate,
     * falling back on TelephonyManager.getDeviceID() if ANDROID_ID is known to
     * be incorrect, and finally falling back on a random UUID that's persisted
     * to SharedPreferences if getDeviceID() does not return a usable value.
     * 
     * In some rare circumstances, this ID may change. In particular, if the
     * device is factory reset a new device ID may be generated. In addition, if
     * a user upgrades their phone from certain buggy implementations of Android
     * 2.2 to a newer, non-buggy version of Android, the device ID may change.
     * Or, if a user uninstalls your app on a device that has neither a proper
     * Android ID nor a Device ID, this ID may change on reinstallation.
     * 
     * Note that if the code falls back on using TelephonyManager.getDeviceId(),
     * the resulting ID will NOT change after a factory reset. Something to be
     * aware of.
     * 
     * Works around a bug in Android 2.2 for many devices when using ANDROID_ID
     * directly.
     * 
     * @see http://code.google.com/p/android/issues/detail?id=10603
     * 
     * @return a UUID that may be used to uniquely identify your device for most
     *         purposes.
     */
    public UUID getDeviceUuid() {
        return uuid;
    }
}
Cardiology answered 11/4, 2011 at 19:6 Comment(2)
ANDROID_ID can change on factory reset, so it cannot identify devices as wellMaihem
As I note on your same answer here there is no guarantee you will get the same generated UUID across processes - the SharedPrefs copy is local !Parachronism
P
188

Here is the code that Reto Meier used in the Google I/O presentation this year to get a unique id for the user:

private static String uniqueID = null;
private static final String PREF_UNIQUE_ID = "PREF_UNIQUE_ID";

public synchronized static String id(Context context) {
    if (uniqueID == null) {
        SharedPreferences sharedPrefs = context.getSharedPreferences(
                PREF_UNIQUE_ID, Context.MODE_PRIVATE);
        uniqueID = sharedPrefs.getString(PREF_UNIQUE_ID, null);
        if (uniqueID == null) {
            uniqueID = UUID.randomUUID().toString();
            Editor editor = sharedPrefs.edit();
            editor.putString(PREF_UNIQUE_ID, uniqueID);
            editor.commit();
        }
    }
    return uniqueID;
}

If you couple this with a backup strategy to send preferences to the cloud (also described in Reto's talk, you should have an id that ties to a user and sticks around after the device has been wiped, or even replaced. I plan to use this in analytics going forward (in other words, I have not done that bit yet :).

Prescience answered 28/10, 2011 at 13:19 Comment(3)
Great option if you don't need the unique ID to persist after an uninstall and reinstall (e.g. promotional event/game where you get three chances to win, period).Mccown
The Meier presentation relies upon using the Android Backup Manager, which in turn depends upon the user choosing to turn that feature on. That is fine for app user preferences (Meier's use), because if the user has not selected that option, she just won't get those backed up. However, the original question is about generating a unique ID for the device, and this ID is generated per app, and not even per installation, let alone per device, and since it relies upon the user selecting the backup option, its uses beyond user preferences (e.g., for a time-limited trial) are limited.Anora
This won't work on an uninstall or clearing of data.Nupercaine
W
142

It's a simple question, with no simple answer.

Moreover, all of the existing answers here are either out of date or unreliable.

So if you're searching for a solution after 2020.

Here are a few things to keep in mind:

All the hardware-based identifiers (IMEI, MAC, Serial Number, etc.) are unreliable for non-google devices (except Pixels and Nexuses), which are statistically most of the android active devices worldwide. Therefore official Android identifiers best practices clearly states:

Avoid using hardware identifiers, such as IMEI, MAC address, etc...

Which makes most of the answers here invalid. Also due to different android security updates, some of them require newer and stricter runtime permissions, which can be simply denied by the user.

For example CVE-2018-9489 affects all the WIFI based techniques mentioned above.

That makes those identifiers not only unreliable but also inaccessible in many cases.

So in simpler words: don't use those techniques.

Many other answers here are suggesting to use the AdvertisingIdClient, which is also incompatible, as it's by design only for ads profiling. It's also stated in the official reference

Only use an Advertising ID for user profiling or ads use cases

It's not only unreliable for device identification, but you also must follow the user privacy regarding ad tracking policy, which states clearly that users can reset or block it at any moment.

So don't use it either.

Since you cannot have the desired static globally unique and reliable device identifier. Android's official reference suggests:

Use a Firebase installation ID (FID) or a privately stored GUID whenever possible for all other use cases, except for payment fraud prevention and telephony.

It's unique for the application installation on the device, so when the user uninstalls the app - it's wiped out, so it's not 100% reliable, but it's the next best thing.

Note As of today the FirebaseInstanceId is deprecated, you should use FirebaseInstallations instead.

To use FirebaseInstallations add the latest firebase-messaging dependency into your gradle

implementation 'com.google.firebase:firebase-messaging:23.0.0'

And use the code below to get the firebase ID:

FirebaseInstallations.getInstance().getId().addOnCompleteListener(task -> {
     if (task.isSuccessful()) {
        String firebaseIdentifier = task.getResult();
        // Do what you need with firebaseIdentifier
     }
});

If you need to store the device identification on your remote server, then don't store it as is (plain text), but a hash with salt.

Today it's not only a best practice, you actually must do it by law according to GDPR - identifiers and similar regulations.

Waynewayolle answered 28/11, 2019 at 17:10 Comment(10)
Could you specify what section of the GDPR link you posted actually mentions the requirement for hashing IDs?Helix
@DavidSchneider the web-content is dynamic in its nature and the GDPR is just one of the examples, please note I've written " GDPR and similar regulations ", as there are many local and global regulations which affect your product / system / field. In any case the GDPR sections, that you are looking for are: Identification, Online identifiers and Data protection principlesWaynewayolle
proandroiddev.com/…Shred
using com.google.firebase:firebase-messaging:23.0.0 can't find the FirebaseInstanceId method. In 2022 use FirebaseMessaging.getInstance().getToken()Accountant
How is SSAID hardware identifier? It changes on each factory reset and it is unique to each combination of app-signing key, user, and device.Beitz
@ViktorBrešan In theory you're right. But this is a quotation from the Android official documentation: Avoid using hardware identifiers, such as SSAID (Android ID), IMEI, MAC address, etc... Specifically for my answer, I've stated what is the problem with this and other identifiers and then explained an alternative.Waynewayolle
@Detrain Because tracking devices is a privacy and security threat against users. There are no legitimate cases that call for it, so there is no reason to make it possible. Hw ids turned out to be mistakes and Google is slowly fixing them.Holley
very risky approaches!Padua
Thank you for your detailed answer. However, what if you want to prevent trial abuse from users ? If the Firebase id is wiped when the user uninstalls the app, and a new id is generated on installation, you can't use this approach (from my understanding) to check if the ID was used in the past.Unsearchable
@Unsearchable This is a separate question. According to the policy of stackoverflow, it should be asked separately. Anyway, keep in mind that managing demos / trial versions can have business impact on your product, so I don't think there is one solution to match all cases.Waynewayolle
J
106

Also you might consider the Wi-Fi adapter's MAC address. Retrieved like this:

WifiManager wm = (WifiManager)Ctxt.getSystemService(Context.WIFI_SERVICE);
return wm.getConnectionInfo().getMacAddress();

Requires permission android.permission.ACCESS_WIFI_STATE in the manifest.

Reported to be available even when Wi-Fi is not connected. If Joe from the answer above gives this one a try on his many devices, that'd be nice.

On some devices, it's not available when Wi-Fi is turned off.

NOTE: From Android 6.x, it returns consistent fake mac address: 02:00:00:00:00:00

Jordain answered 23/6, 2010 at 14:27 Comment(10)
This required android.permission.ACCESS_WIFI_STATECircumbendibus
I know this question is old - but this is a great idea. I used the BT mac ID in my app, but only because it requires BT to function. Show me an Android device that's worth developing for that does NOT have WiFi.Elery
I think you'll find that it's unavailable when WiFi is off, on pretty much all android devices. Turning WiFi off removes the device at kernel level.Nadinenadir
@Sanandrea - let's face it, on a rooted device EVERYTHING can be spoofed.Summerlin
As stated the google blog, MAC is not a good option. "It may be possible to retrieve a Mac address from a device’s WiFi or Bluetooth hardware. We do not recommend using this as a unique identifier. To start with, not all devices have WiFi. Also, if the WiFi is not turned on, the hardware may not report the Mac address." android-developers.blogspot.com.es/2011/03/…Hydrostat
Accessing WiFi MAC address has been blocked on Android M: #31330233Sublingual
Most notably, Local WiFi and Bluetooth MAC addresses are no longer available.The getMacAddress() method of aWifiInfo object and the BluetoothAdapter.getDefaultAdapter().getAddress() method will both return02:00:00:00:00:00 from now onGlindaglinka
some devices can have no wi-fi (personally experienced)Goth
From Android 6.x it returns consistent fake mac address: 02:00:00:00:00:00Gileadite
android 10+ randomize mac address, so I do not recommend this solutionGuessrope
A
93

There’s rather useful info here.

It covers five different ID types:

  1. IMEI (only for Android devices with Phone use; needs android.permission.READ_PHONE_STATE)
  2. Pseudo-Unique ID (for all Android devices)
  3. Android ID (can be null, can change upon factory reset, can be altered on rooted phone)
  4. WLAN MAC Address string (needs android.permission.ACCESS_WIFI_STATE)
  5. BT MAC Address string (devices with Bluetooth, needs android.permission.BLUETOOTH)
Astridastride answered 8/2, 2012 at 2:16 Comment(4)
Important point left out (here and in article): you can't get WLAN or BT MAC unless they are turned on! Otherwise I think the WLAN MAC would be the perfect identifier. You have no guarantee that the user will ever turn on their Wi-Fi, and I don't really think it is 'appropriate' to turn it on yourself.Predecessor
@Predecessor you're wrong. You can still read WLAN or BT MAC even when they're turned off. However, there is no guarantee that the device has WLAN or BT modules available.Valenta
Most notably, Local WiFi and Bluetooth MAC addresses are no longer available.The getMacAddress() method of aWifiInfo object and the BluetoothAdapter.getDefaultAdapter().getAddress() method will both return02:00:00:00:00:00 from now onGlindaglinka
@sarikakate It is true only in 6.0 Marshmallow and above... It is still working as expected in below 6.0 Marshmallow.Mccurdy
W
55

The official Android Developers Blog now has a full article just about this very subject, Identifying App Installations.

Wherry answered 6/4, 2011 at 7:36 Comment(3)
And the key point of that argument is that if you're trying to get a unique ID out of the hardware, you're probably making a mistake.Coltin
And if you're allowing your device-lock to be reset by a factory reset, your trialware model is as good as dead.Jordain
And the blog post already links to this site: developer.android.com/training/articles/user-data-idsVolauvent
P
53

At Google I/O Reto Meier released a robust answer to how to approach this which should meet most developers needs to track users across installations. Anthony Nolan shows the direction in his answer, but I thought I'd write out the full approach so that others can easily see how to do it (it took me a while to figure out the details).

This approach will give you an anonymous, secure user ID which will be persistent for the user across different devices (based on the primary Google account) and across installs. The basic approach is to generate a random user ID and to store this in the apps' shared preferences. You then use Google's backup agent to store the shared preferences linked to the Google account in the cloud.

Let's go through the full approach. First, we need to create a backup for our SharedPreferences using the Android Backup Service. Start by registering your app via http://developer.android.com/google/backup/signup.html.

Google will give you a backup service key which you need to add to the manifest. You also need to tell the application to use the BackupAgent as follows:

<application android:label="MyApplication"
         android:backupAgent="MyBackupAgent">
    ...
    <meta-data android:name="com.google.android.backup.api_key"
        android:value="your_backup_service_key" />
</application>

Then you need to create the backup agent and tell it to use the helper agent for sharedpreferences:

public class MyBackupAgent extends BackupAgentHelper {
    // The name of the SharedPreferences file
    static final String PREFS = "user_preferences";

    // A key to uniquely identify the set of backup data
    static final String PREFS_BACKUP_KEY = "prefs";

    // Allocate a helper and add it to the backup agent
    @Override
    public void onCreate() {
        SharedPreferencesBackupHelper helper = new SharedPreferencesBackupHelper(this,          PREFS);
        addHelper(PREFS_BACKUP_KEY, helper);
    }
}

To complete the backup you need to create an instance of BackupManager in your main Activity:

BackupManager backupManager = new BackupManager(context);

Finally create a user ID, if it doesn't already exist, and store it in the SharedPreferences:

  public static String getUserID(Context context) {
            private static String uniqueID = null;
        private static final String PREF_UNIQUE_ID = "PREF_UNIQUE_ID";
    if (uniqueID == null) {
        SharedPreferences sharedPrefs = context.getSharedPreferences(
                MyBackupAgent.PREFS, Context.MODE_PRIVATE);
        uniqueID = sharedPrefs.getString(PREF_UNIQUE_ID, null);
        if (uniqueID == null) {
            uniqueID = UUID.randomUUID().toString();
            Editor editor = sharedPrefs.edit();
            editor.putString(PREF_UNIQUE_ID, uniqueID);
            editor.commit();

            //backup the changes
            BackupManager mBackupManager = new BackupManager(context);
            mBackupManager.dataChanged();
        }
    }

    return uniqueID;
}

This User_ID will now be persistent across installations, even if the user moves device.

For more information on this approach see Reto's talk.

And for full details of how to implement the backup agent see Data Backup. I particularly recommend the section at the bottom on testing as the backup does not happen instantaneously and so to test you have to force the backup.

Profit answered 22/12, 2012 at 8:13 Comment(2)
Doesn't this lead to multiple devices with the same id when a user has multiple devices? A tablet and a phone for instance.Gonta
What if the user has disabled the backup on the phone? no apps data would be backed up in that situation!Radiosonde
O
45

I think this is sure fire way of building a skeleton for a unique ID... check it out.

Pseudo-Unique ID, that works on all Android devices Some devices don't have a phone (eg. Tablets) or for some reason, you don't want to include the READ_PHONE_STATE permission. You can still read details like ROM Version, Manufacturer name, CPU type, and other hardware details, that will be well suited if you want to use the ID for a serial key check, or other general purposes. The ID computed in this way won't be unique: it is possible to find two devices with the same ID (based on the same hardware and ROM image) but the changes in real-world applications are negligible. For this purpose you can use the Build class:

String m_szDevIDShort = "35" + //we make this look like a valid IMEI
            Build.BOARD.length()%10+ Build.BRAND.length()%10 +
            Build.CPU_ABI.length()%10 + Build.DEVICE.length()%10 +
            Build.DISPLAY.length()%10 + Build.HOST.length()%10 +
            Build.ID.length()%10 + Build.MANUFACTURER.length()%10 +
            Build.MODEL.length()%10 + Build.PRODUCT.length()%10 +
            Build.TAGS.length()%10 + Build.TYPE.length()%10 +
            Build.USER.length()%10 ; //13 digits

Most of the Build members are strings, what we're doing here is to take their length and transform it via modulo in a digit. We have 13 such digits and we are adding two more in front (35) to have the same size ID as the IMEI (15 digits). There are other possibilities here are well, just have a look at these strings. Returns something like 355715565309247. No special permission is required, making this approach very convenient.


(Extra info: The technique given above was copied from an article on Pocket Magic.)

Organology answered 24/3, 2011 at 19:55 Comment(9)
Interesting solution. It sounds like this is a situation where you really should be just hashing all that data concatenated instead of trying to come up with your own "hash" function. There are many instances where you'd get collisions even if there is substantial data that is different for each value. My recommendation: use a hash function and then transform the binary results into decimal and truncate it as needed. To do it right, though you should really use a UUID or full hash string.Vite
I found that the Build.CPU_ABI and Build.MANUFACTURER are not present in all versions.. I was getting harsh build errors when running against <2.2 :)Organology
You should give credit to your sources... This has been lifted straight out of the following article: pocketmagic.net/?p=1662Revivify
This ID is open to collisions like you don't know what. It's practically guaranteed to be the same on identical devices from the same carrier.Jordain
This may also change if the device gets upgraded.Ailssa
I don't think it's good idea to use this solution. As I understand all Build fields will be the same for all phones produced together.Ranice
Per David Given's comment, this seems like a serious concern. A careful inventory should be made of the Build attributes to determine which ones are unlikely to change as a result of an over-the-air update. For example, Build.DISPLAY above, per the Javadoc, is "A build ID string meant for displaying to the user," so wouldn't that be likely to change when an update occurs? I still think that this approach could add useful distinguishing attributes in combination with other information from the device, but only if such OTA-changeable attributes can be carefully culled.Anora
Likewise, Build.HOST is defined as "A string that uniquely identifies the host the build was BUILT on, in human readable format." It seems entirely possible that different BUILD machines could be used to create the build for an OTA update.Anora
Very, very bad solution. Tested on two Nexus 5... Return same numbers.Zackzackariah
T
43

The following code returns the device serial number using a hidden Android API. But, this code don't works on Samsung Galaxy Tab because "ro.serialno" isn't set on this device.

String serial = null;

try {
    Class<?> c = Class.forName("android.os.SystemProperties");
    Method get = c.getMethod("get", String.class);
    serial = (String) get.invoke(c, "ro.serialno");
}
catch (Exception ignored) {

}
Tatianna answered 25/1, 2011 at 2:39 Comment(0)
R
33

Using the code below, you can get the unique device ID of an Android OS device as a string.

deviceId = Secure.getString(getApplicationContext().getContentResolver(), Secure.ANDROID_ID); 
Reichstag answered 17/5, 2011 at 14:44 Comment(0)
R
23

A Serial field was added to the Build class in API level 9 (Android 2.3 - Gingerbread). Documentation says it represents the hardware serial number. Thus it should be unique, if it exists on the device.

I don't know whether it is actually supported (=not null) by all devices with API level >= 9 though.

Reciprocation answered 6/3, 2011 at 15:28 Comment(1)
Unfortunately, it's "unknown".Peavey
E
23

One thing I'll add - I have one of those unique situations.

Using:

deviceId = Secure.getString(this.getContext().getContentResolver(), Secure.ANDROID_ID);

Turns out that even though my Viewsonic G Tablet reports a DeviceID that is not Null, every single G Tablet reports the same number.

Makes it interesting playing "Pocket Empires" which gives you instant access to someone's account based on the "unique" DeviceID.

My device does not have a cell radio.

Ethridge answered 21/3, 2011 at 20:46 Comment(0)
B
21

For detailed instructions on how to get a unique identifier for each Android device your application is installed from, see the official Android Developers Blog posting Identifying App Installations.

It seems the best way is for you to generate one yourself upon installation and subsequently read it when the application is re-launched.

I personally find this acceptable but not ideal. No one identifier provided by Android works in all instances as most are dependent on the phone's radio states (Wi-Fi on/off, cellular on/off, Bluetooth on/off). The others, like Settings.Secure.ANDROID_ID must be implemented by the manufacturer and are not guaranteed to be unique.

The following is an example of writing data to an installation file that would be stored along with any other data the application saves locally.

public class Installation {
    private static String sID = null;
    private static final String INSTALLATION = "INSTALLATION";

    public synchronized static String id(Context context) {
        if (sID == null) {
            File installation = new File(context.getFilesDir(), INSTALLATION);
            try {
                if (!installation.exists())
                    writeInstallationFile(installation);
                sID = readInstallationFile(installation);
            } 
            catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        return sID;
    }

    private static String readInstallationFile(File installation) throws IOException {
        RandomAccessFile f = new RandomAccessFile(installation, "r");
        byte[] bytes = new byte[(int) f.length()];
        f.readFully(bytes);
        f.close();
        return new String(bytes);
    }

    private static void writeInstallationFile(File installation) throws IOException {
        FileOutputStream out = new FileOutputStream(installation);
        String id = UUID.randomUUID().toString();
        out.write(id.getBytes());
        out.close();
    }
}
Backswept answered 2/8, 2011 at 3:21 Comment(4)
If you want to track app installations this is perfect. Tracking devices though is a lot trickier, and there doesn't appear to be a completely air-tight solution.Middy
What about rooted devices? They can change this installation id easily, right?Mcelrath
Absolutely. Root can change the installation ID. You can check for root using this code block: #1101880Backswept
If you factory reset and delete or format the /data partition the UUID is different.Backswept
L
16

Add Below code in class file:

final TelephonyManager tm = (TelephonyManager) getBaseContext()
            .getSystemService(SplashActivity.TELEPHONY_SERVICE);
    final String tmDevice, tmSerial, androidId;
    tmDevice = "" + tm.getDeviceId();
    Log.v("DeviceIMEI", "" + tmDevice);
    tmSerial = "" + tm.getSimSerialNumber();
    Log.v("GSM devices Serial Number[simcard] ", "" + tmSerial);
    androidId = "" + android.provider.Settings.Secure.getString(getContentResolver(),
            android.provider.Settings.Secure.ANDROID_ID);
    Log.v("androidId CDMA devices", "" + androidId);
    UUID deviceUuid = new UUID(androidId.hashCode(),
            ((long) tmDevice.hashCode() << 32) | tmSerial.hashCode());
    String deviceId = deviceUuid.toString();
    Log.v("deviceIdUUID universally unique identifier", "" + deviceId);
    String deviceModelName = android.os.Build.MODEL;
    Log.v("Model Name", "" + deviceModelName);
    String deviceUSER = android.os.Build.USER;
    Log.v("Name USER", "" + deviceUSER);
    String devicePRODUCT = android.os.Build.PRODUCT;
    Log.v("PRODUCT", "" + devicePRODUCT);
    String deviceHARDWARE = android.os.Build.HARDWARE;
    Log.v("HARDWARE", "" + deviceHARDWARE);
    String deviceBRAND = android.os.Build.BRAND;
    Log.v("BRAND", "" + deviceBRAND);
    String myVersion = android.os.Build.VERSION.RELEASE;
    Log.v("VERSION.RELEASE", "" + myVersion);
    int sdkVersion = android.os.Build.VERSION.SDK_INT;
    Log.v("VERSION.SDK_INT", "" + sdkVersion);

Add in AndroidManifest.xml:

<uses-permission android:name="android.permission.READ_PHONE_STATE" />
Linctus answered 27/2, 2013 at 10:3 Comment(0)
W
15

There are a lot of different approaches to work around those ANDROID_ID issues (may be null sometimes or devices of a specific model always return the same ID) with pros and cons:

  • Implementing a custom ID generation algorithm (based on device properties that are supposed to be static and won't change -> who knows)
  • Abusing other IDs like IMEI, serial number, Wi-Fi/Bluetooth-MAC address (they won't exist on all devices or additional permissions become necessary)

I myself prefer using an existing OpenUDID implementation (see https://github.com/ylechelle/OpenUDID) for Android (see https://github.com/vieux/OpenUDID). It is easy to integrate and makes use of the ANDROID_ID with fallbacks for those issues mentioned above.

Wick answered 18/11, 2012 at 10:26 Comment(0)
P
13

My two cents - NB this is for a device (err) unique ID - not the installation one as discussed in the Android developers's blog.

Of note that the solution provided by @emmby falls back in a per application ID as the SharedPreferences are not synchronized across processes (see here and here). So I avoided this altogether.

Instead, I encapsulated the various strategies for getting a (device) ID in an enum - changing the order of the enum constants affects the priority of the various ways of getting the ID. The first non-null ID is returned or an exception is thrown (as per good Java practices of not giving null a meaning). So for instance I have the TELEPHONY one first - but a good default choice would be the ANDROID_ID beta:

import android.Manifest.permission;
import android.bluetooth.BluetoothAdapter;
import android.content.Context;
import android.content.pm.PackageManager;
import android.net.wifi.WifiManager;
import android.provider.Settings.Secure;
import android.telephony.TelephonyManager;
import android.util.Log;

// TODO : hash
public final class DeviceIdentifier {

    private DeviceIdentifier() {}

    /** @see http://code.google.com/p/android/issues/detail?id=10603 */
    private static final String ANDROID_ID_BUG_MSG = "The device suffers from "
        + "the Android ID bug - its ID is the emulator ID : "
        + IDs.BUGGY_ANDROID_ID;
    private static volatile String uuid; // volatile needed - see EJ item 71
    // need lazy initialization to get a context

    /**
     * Returns a unique identifier for this device. The first (in the order the
     * enums constants as defined in the IDs enum) non null identifier is
     * returned or a DeviceIDException is thrown. A DeviceIDException is also
     * thrown if ignoreBuggyAndroidID is false and the device has the Android ID
     * bug
     *
     * @param ctx
     *            an Android constant (to retrieve system services)
     * @param ignoreBuggyAndroidID
     *            if false, on a device with the android ID bug, the buggy
     *            android ID is not returned instead a DeviceIDException is
     *            thrown
     * @return a *device* ID - null is never returned, instead a
     *         DeviceIDException is thrown
     * @throws DeviceIDException
     *             if none of the enum methods manages to return a device ID
     */
    public static String getDeviceIdentifier(Context ctx,
            boolean ignoreBuggyAndroidID) throws DeviceIDException {
        String result = uuid;
        if (result == null) {
            synchronized (DeviceIdentifier.class) {
                result = uuid;
                if (result == null) {
                    for (IDs id : IDs.values()) {
                        try {
                            result = uuid = id.getId(ctx);
                        } catch (DeviceIDNotUniqueException e) {
                            if (!ignoreBuggyAndroidID)
                                throw new DeviceIDException(e);
                        }
                        if (result != null) return result;
                    }
                    throw new DeviceIDException();
                }
            }
        }
        return result;
    }

    private static enum IDs {
        TELEPHONY_ID {

            @Override
            String getId(Context ctx) {
                // TODO : add a SIM based mechanism ? tm.getSimSerialNumber();
                final TelephonyManager tm = (TelephonyManager) ctx
                        .getSystemService(Context.TELEPHONY_SERVICE);
                if (tm == null) {
                    w("Telephony Manager not available");
                    return null;
                }
                assertPermission(ctx, permission.READ_PHONE_STATE);
                return tm.getDeviceId();
            }
        },
        ANDROID_ID {

            @Override
            String getId(Context ctx) throws DeviceIDException {
                // no permission needed !
                final String andoidId = Secure.getString(
                    ctx.getContentResolver(),
                    android.provider.Settings.Secure.ANDROID_ID);
                if (BUGGY_ANDROID_ID.equals(andoidId)) {
                    e(ANDROID_ID_BUG_MSG);
                    throw new DeviceIDNotUniqueException();
                }
                return andoidId;
            }
        },
        WIFI_MAC {

            @Override
            String getId(Context ctx) {
                WifiManager wm = (WifiManager) ctx
                        .getSystemService(Context.WIFI_SERVICE);
                if (wm == null) {
                    w("Wifi Manager not available");
                    return null;
                }
                assertPermission(ctx, permission.ACCESS_WIFI_STATE); // I guess
                // getMacAddress() has no java doc !!!
                return wm.getConnectionInfo().getMacAddress();
            }
        },
        BLUETOOTH_MAC {

            @Override
            String getId(Context ctx) {
                BluetoothAdapter ba = BluetoothAdapter.getDefaultAdapter();
                if (ba == null) {
                    w("Bluetooth Adapter not available");
                    return null;
                }
                assertPermission(ctx, permission.BLUETOOTH);
                return ba.getAddress();
            }
        }
        // TODO PSEUDO_ID
        // http://www.pocketmagic.net/2011/02/android-unique-device-id/
        ;

        static final String BUGGY_ANDROID_ID = "9774d56d682e549c";
        private final static String TAG = IDs.class.getSimpleName();

        abstract String getId(Context ctx) throws DeviceIDException;

        private static void w(String msg) {
            Log.w(TAG, msg);
        }

        private static void e(String msg) {
            Log.e(TAG, msg);
        }
    }

    private static void assertPermission(Context ctx, String perm) {
        final int checkPermission = ctx.getPackageManager().checkPermission(
            perm, ctx.getPackageName());
        if (checkPermission != PackageManager.PERMISSION_GRANTED) {
            throw new SecurityException("Permission " + perm + " is required");
        }
    }

    // =========================================================================
    // Exceptions
    // =========================================================================
    public static class DeviceIDException extends Exception {

        private static final long serialVersionUID = -8083699995384519417L;
        private static final String NO_ANDROID_ID = "Could not retrieve a "
            + "device ID";

        public DeviceIDException(Throwable throwable) {
            super(NO_ANDROID_ID, throwable);
        }

        public DeviceIDException(String detailMessage) {
            super(detailMessage);
        }

        public DeviceIDException() {
            super(NO_ANDROID_ID);
        }
    }

    public static final class DeviceIDNotUniqueException extends
            DeviceIDException {

        private static final long serialVersionUID = -8940090896069484955L;

        public DeviceIDNotUniqueException() {
            super(ANDROID_ID_BUG_MSG);
        }
    }
}
Parachronism answered 18/9, 2013 at 19:12 Comment(0)
C
13

There are 30+ answers here and some are same and some are unique. This answer is based on few of those answers. One of them being @Lenn Dolling's answer.

It combines 3 IDs and creates a 32-digit hex string. It has worked very well for me.

3 IDs are:
Pseudo-ID - It is generated based on physical device specifications
ANDROID_ID - Settings.Secure.ANDROID_ID
Bluetooth Address - Bluetooth adapter address

It will return something like this: 551F27C060712A72730B0A0F734064B1

Note: You can always add more IDs to the longId string. For example, Serial #. wifi adapter address. IMEI. This way you are making it more unique per device.

@SuppressWarnings("deprecation")
@SuppressLint("HardwareIds")
public static String generateDeviceIdentifier(Context context) {

        String pseudoId = "35" +
                Build.BOARD.length() % 10 +
                Build.BRAND.length() % 10 +
                Build.CPU_ABI.length() % 10 +
                Build.DEVICE.length() % 10 +
                Build.DISPLAY.length() % 10 +
                Build.HOST.length() % 10 +
                Build.ID.length() % 10 +
                Build.MANUFACTURER.length() % 10 +
                Build.MODEL.length() % 10 +
                Build.PRODUCT.length() % 10 +
                Build.TAGS.length() % 10 +
                Build.TYPE.length() % 10 +
                Build.USER.length() % 10;

        String androidId = Settings.Secure.getString(context.getContentResolver(), Settings.Secure.ANDROID_ID);

        BluetoothAdapter bluetoothAdapter = BluetoothAdapter.getDefaultAdapter();
        String btId = "";

        if (bluetoothAdapter != null) {
            btId = bluetoothAdapter.getAddress();
        }

        String longId = pseudoId + androidId + btId;

        try {
            MessageDigest messageDigest = MessageDigest.getInstance("MD5");
            messageDigest.update(longId.getBytes(), 0, longId.length());

            // get md5 bytes
            byte md5Bytes[] = messageDigest.digest();

            // creating a hex string
            String identifier = "";

            for (byte md5Byte : md5Bytes) {
                int b = (0xFF & md5Byte);

                // if it is a single digit, make sure it have 0 in front (proper padding)
                if (b <= 0xF) {
                    identifier += "0";
                }

                // add number to string
                identifier += Integer.toHexString(b);
            }

            // hex string to uppercase
            identifier = identifier.toUpperCase();
            return identifier;
        } catch (Exception e) {
            Log.e("TAG", e.toString());
        }
        return "";
}
Carty answered 8/3, 2017 at 14:1 Comment(3)
Adding the UUID to the longId and store it in a file, will make it the most unique identifier : String uuid = UUID.randomUUID().toString();Mazuma
If all else fails, if the user does have lower than API 9 (lower than Gingerbread), has reset their phone or 'Secure.ANDROID_ID'. if returns 'null', then simply the ID returned will be solely based off their Android device information. This is where the collisions can happen. Try not to use DISPLAY, HOST or ID - these items could change. If there are collisions, there will be overlapping data. The source : gist.github.com/pedja1/fe69e8a80ed505500caaMazuma
@Ninja Since BLE mac address is unique, yes the ID generated will always be unique. However, if you really want to be sure, I would suggest to add a UUID to the longId. Change that one line like this: String longId = pseudoId + androidId + btId + UUID.randomUUID().toString(); This guarantees that generated ID will be unique.Leschen
E
12

How about the IMEI. That is unique for Android or other mobile devices.

Eggshell answered 14/7, 2011 at 20:1 Comment(2)
Not for my tablets, which don't have an IMEI since they don't connect to my mobile carrier.Derosa
Not to mention CDMA devices which have an ESN instead of an IMEI.Ailssa
S
12

The unique device ID of an Android OS device as String, using TelephonyManager and ANDROID_ID, is obtained by:

String deviceId;
final TelephonyManager mTelephony = (TelephonyManager) getSystemService(Context.TELEPHONY_SERVICE);
if (mTelephony.getDeviceId() != null) {
    deviceId = mTelephony.getDeviceId();
}
else {
    deviceId = Secure.getString(
                   getApplicationContext().getContentResolver(),
                   Secure.ANDROID_ID);
}

But I strongly recommend a method suggested by Google, see Identifying App Installations.

Sphene answered 13/1, 2014 at 0:30 Comment(0)
G
11

Here is how I am generating the unique id:

public static String getDeviceId(Context ctx)
{
    TelephonyManager tm = (TelephonyManager) ctx.getSystemService(Context.TELEPHONY_SERVICE);

    String tmDevice = tm.getDeviceId();
    String androidId = Secure.getString(ctx.getContentResolver(), Secure.ANDROID_ID);
    String serial = null;
    if(Build.VERSION.SDK_INT > Build.VERSION_CODES.FROYO) serial = Build.SERIAL;

    if(tmDevice != null) return "01" + tmDevice;
    if(androidId != null) return "02" + androidId;
    if(serial != null) return "03" + serial;
    // other alternatives (i.e. Wi-Fi MAC, Bluetooth MAC, etc.)

    return null;
}
Gamble answered 27/5, 2013 at 18:34 Comment(1)
if we user ReadPhoneState in 6.0 version asking for runtime permissionMarjie
W
10

Another way is to use /sys/class/android_usb/android0/iSerial in an app without any permissions whatsoever.

user@creep:~$ adb shell ls -l /sys/class/android_usb/android0/iSerial
-rw-r--r-- root     root         4096 2013-01-10 21:08 iSerial
user@creep:~$ adb shell cat /sys/class/android_usb/android0/iSerial
0A3CXXXXXXXXXX5

To do this in Java one would just use a FileInputStream to open the iSerial file and read out the characters. Just be sure you wrap it in an exception handler, because not all devices have this file.

At least the following devices are known to have this file world-readable:

  • Galaxy Nexus
  • Nexus S
  • Motorola Xoom 3G
  • Toshiba AT300
  • HTC One V
  • Mini MK802
  • Samsung Galaxy S II

You can also see my blog post Leaking Android hardware serial number to unprivileged apps where I discuss what other files are available for information.

Wound answered 31/1, 2013 at 15:40 Comment(2)
I just read your blog post. I believe that this is not unique: Build.SERIAL is also available w/o any permissions, and is (in theory) a unique hardware serial number.Predecessor
You're right. It's just one more way that your device can be tracked, and as you said both of these ways require no app permissions.Wound
C
10

I use the following code to get the IMEI or use Secure.ANDROID_ID as an alternative, when the device doesn't have phone capabilities:

String identifier = null;
TelephonyManager tm = (TelephonyManager)context.getSystemService(Context.TELEPHONY_SERVICE));
if (tm != null)
      identifier = tm.getDeviceId();
if (identifier == null || identifier .length() == 0)
      identifier = Secure.getString(activity.getContentResolver(),Secure.ANDROID_ID);
Courses answered 15/4, 2013 at 13:1 Comment(0)
A
10

For hardware recognition of a specific Android device you could check the MAC Addresses.

you can do it that way:

in AndroidManifest.xml

<uses-permission android:name="android.permission.INTERNET" />

now in your code:

List<NetworkInterface> interfacesList = Collections.list(NetworkInterface.getNetworkInterfaces());

for (NetworkInterface interface : interfacesList) {
   // This will give you the interface MAC ADDRESS
   interface.getHardwareAddress();
}

In every Android device their is at least a "wlan0" Interface witch is the WI-FI chip. This code works even when WI-FI is not turned on.

P.S. Their are a bunch of other Interfaces you will get from the list containing MACS But this can change between phones.

Animalism answered 1/9, 2015 at 12:32 Comment(0)
S
9

TelephonyManger.getDeviceId() Returns the unique device ID, for example, the IMEI for GSM and the MEID or ESN for CDMA phones.

final TelephonyManager mTelephony = (TelephonyManager) getSystemService(Context.TELEPHONY_SERVICE);            
String myAndroidDeviceId = mTelephony.getDeviceId(); 

But i recommend to use:

Settings.Secure.ANDROID_ID that returns the Android ID as an unique 64-bit hex string.

    String   myAndroidDeviceId = Secure.getString(getApplicationContext().getContentResolver(), Secure.ANDROID_ID); 

Sometimes TelephonyManger.getDeviceId() will return null, so to assure an unique id you will use this method:

public String getUniqueID(){    
    String myAndroidDeviceId = "";
    TelephonyManager mTelephony = (TelephonyManager) getSystemService(Context.TELEPHONY_SERVICE);
    if (mTelephony.getDeviceId() != null){
        myAndroidDeviceId = mTelephony.getDeviceId(); 
    }else{
         myAndroidDeviceId = Secure.getString(getApplicationContext().getContentResolver(), Secure.ANDROID_ID); 
    }
    return myAndroidDeviceId;
}
Sphene answered 6/2, 2015 at 15:0 Comment(1)
I recently discovered that a client's device of type SM-G928F / Galaxy S6 edge+ delivers only 15 instead of 16 hex digits for the Android ID.Woad
P
9

Google Instance ID

Released at I/O 2015; on Android requires play services 7.5.

https://developers.google.com/instance-id/
https://developers.google.com/instance-id/guides/android-implementation

InstanceID iid = InstanceID.getInstance( context );   // Google docs are wrong - this requires context
String id = iid.getId();  // blocking call

It seems that Google intends for this ID to be used to identify installations across Android, Chrome, and iOS.

It identifies an installation rather then a device, but then again, ANDROID_ID (which is the accepted answer) now no longer identifies devices either. With the ARC runtime a new ANDROID_ID is generated for every installation (details here), just like this new instance ID. Also, I think that identifying installations (not devices) is what most of us are actually looking for.

The advantages of instance ID

It appears to me that Google intends for it to be used for this purpose (identifying your installations), it is cross-platform, and can be used for a number of other purposes (see the links above).

If you use GCM, then you will eventually need to use this instance ID because you need it in order to get the GCM token (which replaces the old GCM registration ID).

The disadvantages/issues

In the current implementation (GPS 7.5) the instance ID is retrieved from a server when your app requests it. This means that the call above is a blocking call - in my unscientific testing it takes 1-3 seconds if the device is online, and 0.5 - 1.0 seconds if off-line (presumably this is how long it waits before giving up and generating a random ID). This was tested in North America on Nexus 5 with Android 5.1.1 and GPS 7.5.

If you use the ID for the purposes they intend - eg. app authentication, app identification, GCM - I think this 1-3 seconds could be a nuisance (depending on your app, of course).

Predecessor answered 19/6, 2015 at 22:22 Comment(2)
another significant downside of instanceID is that a new instanceID will be generated for you if the user clears the data of the app.Kotz
Interesting, but I don't think it really changes the potential use-cases: instance ID, like android_id, is not suited to identifying a device. So your server will see user clearing data as like user uninstalling and re-installing your app - which is not unreasonable.Predecessor
K
8

Google now has an Advertising ID.
This can also be used, but note that :

The advertising ID is a user-specific, unique, resettable ID

and

enables users to reset their identifier or opt out of interest-based ads within Google Play apps.

So though this id may change, it seems that soon we may not have a choice, depends on the purpose of this id.

More info @ develper.android

Copy-paste code here

HTH

Kramlich answered 2/11, 2013 at 13:23 Comment(0)
M
8

Android device mac id is also a unique id. It won't change even if the device itself is formatted.

Use the following code to get the mac id:

WifiManager manager = (WifiManager) getSystemService(Context.WIFI_SERVICE);
WifiInfo info = manager.getConnectionInfo();
String address = info.getMacAddress();

Also, don't forget to add the appropriate permissions into your AndroidManifest.xml:

<uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>
Monster answered 3/10, 2016 at 11:2 Comment(3)
Unfortunately, this won't work if there is no current WiFi connection. From the docs (emphasis added): "Return dynamic information about the current Wi-Fi connection, if any is active."Compact
Also by granting root access on device, one can spoof mac addressSpoof
Devices running Android 10 (API level 29) and higher report randomized MAC addresses to all apps that aren't device owner apps.So It wont be unique when you are in android version 10 or higherRoscoe
B
8

1.Use the telephony manager, which provides a unique id(i.e. IMEI). See the example,

import android.telephony.TelephonyManager;
import android.content.Context;
// ...
TelephonyManager telephonyManager;
telephonyManager = (TelephonyManager) getSystemService(Context.
                TELEPHONY_SERVICE);
/*
* getDeviceId() returns the unique device ID.
* For example,the IMEI for GSM and the MEID or ESN for CDMA phones.
*/
String deviceId = telephonyManager.getDeviceId();
/*
* getSubscriberId() returns the unique subscriber ID,
*/
String subscriberId = telephonyManager.getSubscriberId();

This requires android.permission.READ_PHONE_STATE to your user which can be hard to justify following the type of application you have made.

  1. Devices without telephony services like tablets must report a unique device ID that is available via android.os.Build.SERIAL since Android 2.3 Gingerbread. Some phones having telephony services can also define a serial number. Like not all Android devices have a Serial Number, this solution is not reliable.

  2. On a device first boot, a random value is generated and stored. This value is available via Settings.Secure.ANDROID_ID. It’s a 64-bit number that should remain constant for the lifetime of a device. ANDROID_ID seems a good choice for a unique device identifier because it’s available for smartphones and tablets. To retrieve the value, you can use the following code,

    String androidId = Settings.Secure.getString(getContentResolver(), Settings.Secure.ANDROID_ID);

However, the value may change if a factory reset is performed on the device. There is also a known bug with a popular handset from a manufacturer where every instance has the same ANDROID_ID. Clearly, the solution is not 100% reliable.

  1. Use UUID. As the requirement for most of the applications is to identify a particular installation and not a physical device, a good solution to get the unique id for a user if to use UUID class. The following solution has been presented by Reto Meier from Google in a Google I/O presentation,
SharedPreferences sharedPrefs = context.getSharedPreferences(
         PREF_UNIQUE_ID, Context.MODE_PRIVATE);
uniqueID = sharedPrefs.getString(PREF_UNIQUE_ID, null);

Update : The option #1 and #2 are no longer available after android 10 as the privacy updates by google. as option 2 and 3 requires critical permission.

Bricker answered 5/10, 2018 at 5:55 Comment(3)
Which handset is the one where every instance has the same ANDROID_ID?Seigler
please refer to the official docs developer.android.com/reference/android/provider/…Bricker
DeviceInfoProvider it's not part of Android SDKUnderscore
D
8

To understand the available Unique Ids in Android devices. Use this official guide.

Best practices for unique identifiers:

IMEI, Mac Addresses, Instance Id, GUIDs, SSAID, Advertising Id, Safety Net API to verify devices.

https://developer.android.com/training/articles/user-data-ids

Dissimilar answered 3/5, 2019 at 22:9 Comment(0)
D
8

Get Device UUID, model number with brand name and its version number with the help of below function.

Work in Android 10 perfectly and no need to allow read phone state permission.

Code Snippets:

private void fetchDeviceInfo() {
    String uniquePseudoID = "35" +
            Build.BOARD.length() % 10 +
            Build.BRAND.length() % 10 +
            Build.DEVICE.length() % 10 +
            Build.DISPLAY.length() % 10 +
            Build.HOST.length() % 10 +
            Build.ID.length() % 10 +
            Build.MANUFACTURER.length() % 10 +
            Build.MODEL.length() % 10 +
            Build.PRODUCT.length() % 10 +
            Build.TAGS.length() % 10 +
            Build.TYPE.length() % 10 +
            Build.USER.length() % 10;

    String serial = Build.getRadioVersion();
    String uuid=new UUID(uniquePseudoID.hashCode(), serial.hashCode()).toString();
    String brand=Build.BRAND;
    String modelno=Build.MODEL;
    String version=Build.VERSION.RELEASE;
    Log.e(TAG, "fetchDeviceInfo: \n "+
            "\n uuid is : "+uuid+
            "\n brand is: "+brand+
            "\n model is: "+modelno+
            "\n version is: "+version);
}

Call Above function and to check output of above code. please see your log cat in android studio. It look likes below:

enter image description here

Dissension answered 7/6, 2020 at 9:8 Comment(3)
what is the %10 and 35+"..." in your code? i mean why you are using this approach to build unique id? why not simply combine those strings together and generate a unique UUID? is the output of this method completely unique for all devices in the world?Indoctrinate
Build.getRadioVersion() returns nullHid
@Hid pelase share your code here. So i can help you in thisDissension
J
5

Just a heads up for everyone reading looking for more up to date info. With Android O there are some changes to how the system manages these ids.

https://android-developers.googleblog.com/2017/04/changes-to-device-identifiers-in.html

tl;dr Serial will require PHONE permission and Android ID will change for different apps, based on their package name and signature.

And also Google has put together a nice document which provides suggestions about when to use the hardware and software ids.

https://developer.android.com/training/articles/user-data-ids.html

Jenellejenesia answered 11/4, 2017 at 8:51 Comment(0)
H
4

Normally, I use device unique id for my apps. But sometime I use IMEI. Both are unique numbers.

to get IMEI (international mobile equipment identifier)

public String getIMEI(Activity activity) {
    TelephonyManager telephonyManager = (TelephonyManager) activity
            .getSystemService(Context.TELEPHONY_SERVICE);
    return telephonyManager.getDeviceId();
}

to get device unique id

public String getDeviceUniqueID(Activity activity){
    String device_unique_id = Secure.getString(activity.getContentResolver(),
            Secure.ANDROID_ID);
    return device_unique_id;
}
Hangchow answered 19/6, 2017 at 15:25 Comment(1)
Android Q has restricted to access for both IMEI and serial no.Tadeo
S
4

I have came across this question several years ago, and have learn to implement a generalized solution based on various answers.

I have used the generalized solution for several years, in a real-world product. It serves me quite well so far. Here's the code snippet, based on various provided answers.

Note, getEmail will return null most of the time, as we didn't ask for permission explicitly.

private static UniqueId getUniqueId() {
    MyApplication app = MyApplication.instance();

    // Our prefered method of obtaining unique id in the following order.
    // (1) Advertising id
    // (2) Email
    // (2) ANDROID_ID
    // (3) Instance ID - new id value, when reinstall the app.

    ////////////////////////////////////////////////////////////////////////////////////////////
    // ADVERTISING ID
    ////////////////////////////////////////////////////////////////////////////////////////////
    AdvertisingIdClient.Info adInfo = null;
    try {
        adInfo = AdvertisingIdClient.getAdvertisingIdInfo(app);
    } catch (IOException e) {
        Log.e(TAG, "", e);
    } catch (GooglePlayServicesNotAvailableException e) {
        Log.e(TAG, "", e);
    } catch (GooglePlayServicesRepairableException e) {
        Log.e(TAG, "", e);
    }

    if (adInfo != null) {
        String aid = adInfo.getId();
        if (!Utils.isNullOrEmpty(aid)) {
            return UniqueId.newInstance(aid, UniqueId.Type.aid);
        }
    }

    ////////////////////////////////////////////////////////////////////////////////////////////
    // EMAIL
    ////////////////////////////////////////////////////////////////////////////////////////////
    final String email = Utils.getEmail();
    if (!Utils.isNullOrEmpty(email)) {
        return UniqueId.newInstance(email, UniqueId.Type.eid);
    }

    ////////////////////////////////////////////////////////////////////////////////////////////
    // ANDROID ID
    ////////////////////////////////////////////////////////////////////////////////////////////
    final String sid = Settings.Secure.getString(app.getContentResolver(), Settings.Secure.ANDROID_ID);
    if (!Utils.isNullOrEmpty(sid)) {
        return UniqueId.newInstance(sid, UniqueId.Type.sid);
    }

    ////////////////////////////////////////////////////////////////////////////////////////////
    // INSTANCE ID
    ////////////////////////////////////////////////////////////////////////////////////////////
    final String iid = com.google.android.gms.iid.InstanceID.getInstance(MyApplication.instance()).getId();
    if (!Utils.isNullOrEmpty(iid)) {
        return UniqueId.newInstance(iid, UniqueId.Type.iid);
    }

    return null;
}

public final class UniqueId implements Parcelable {
    public enum Type implements Parcelable {
        aid,
        sid,
        iid,
        eid;

        ////////////////////////////////////////////////////////////////////////////
        // Handling Parcelable nicely.

        public static final Parcelable.Creator<Type> CREATOR = new Parcelable.Creator<Type>() {
            public Type createFromParcel(Parcel in) {
                return Type.valueOf(in.readString());
            }

            public Type[] newArray(int size) {
                return new Type[size];
            }
        };

        @Override
        public int describeContents() {
            return 0;
        }

        @Override
        public void writeToParcel(Parcel parcel, int flags) {
            parcel.writeString(this.name());
        }

        // Handling Parcelable nicely.
        ////////////////////////////////////////////////////////////////////////////
    }

    public static boolean isValid(UniqueId uniqueId) {
        if (uniqueId == null) {
            return false;
        }
        return uniqueId.isValid();
    }

    private boolean isValid() {
        return !org.yccheok.jstock.gui.Utils.isNullOrEmpty(id) && type != null;
    }

    private UniqueId(String id, Type type) {
        if (org.yccheok.jstock.gui.Utils.isNullOrEmpty(id) || type == null) {
            throw new java.lang.IllegalArgumentException();
        }
        this.id = id;
        this.type = type;
    }

    public static UniqueId newInstance(String id, Type type) {
        return new UniqueId(id, type);
    }

    @Override
    public int hashCode() {
        int result = 17;
        result = 31 * result + id.hashCode();
        result = 31 * result + type.hashCode();
        return result;
    }

    @Override
    public boolean equals(Object o) {
        if (o == this) {
            return true;
        }

        if (!(o instanceof UniqueId)) {
            return false;
        }

        UniqueId uniqueId = (UniqueId)o;
        return this.id.equals(uniqueId.id) && this.type == uniqueId.type;
    }

    @Override
    public String toString() {
        return type + ":" + id;
    }

    ////////////////////////////////////////////////////////////////////////////
    // Handling Parcelable nicely.

    public static final Parcelable.Creator<UniqueId> CREATOR = new Parcelable.Creator<UniqueId>() {
        public UniqueId createFromParcel(Parcel in) {
            return new UniqueId(in);
        }

        public UniqueId[] newArray(int size) {
            return new UniqueId[size];
        }
    };

    private UniqueId(Parcel in) {
        this.id = in.readString();
        this.type = in.readParcelable(Type.class.getClassLoader());
    }

    @Override
    public int describeContents() {
        return 0;
    }

    @Override
    public void writeToParcel(Parcel parcel, int flags) {
        parcel.writeString(this.id);
        parcel.writeParcelable(this.type, 0);
    }

    // Handling Parcelable nicely.
    ////////////////////////////////////////////////////////////////////////////

    public final String id;
    public final Type type;
}

public static String getEmail() {
    Pattern emailPattern = Patterns.EMAIL_ADDRESS; // API level 8+
    AccountManager accountManager = AccountManager.get(MyApplication.instance());
    Account[] accounts = accountManager.getAccountsByType("com.google");
    for (Account account : accounts) {
        if (emailPattern.matcher(account.name).matches()) {
            String possibleEmail = account.name;
            return possibleEmail;
        }
    }

    accounts = accountManager.getAccounts();
    for (Account account : accounts) {
        if (emailPattern.matcher(account.name).matches()) {
            String possibleEmail = account.name;
            return possibleEmail;
        }
    }

    return null;
} 
Sabec answered 7/11, 2017 at 19:0 Comment(1)
But does this work when the user resets his phone? in that case android id is gonna change, advertising id is resettable and email too.Skink
D
4

Not recommended as deviceId can be used as tracking in 3rd party hands, but this is another way.

@SuppressLint("HardwareIds")
private String getDeviceID() {
    deviceId = Settings.Secure.getString(getApplicationContext().getContentResolver(),
                    Settings.Secure.ANDROID_ID);
    return deviceId;
}
Diao answered 28/12, 2017 at 8:36 Comment(1)
Android is making some changes on: Settings.Secure.ANDROID_ID; On Android 8.0 (API level 26) and higher versions of the platform, a 64-bit number (expressed as a hexadecimal string), unique to each combination of app-signing key, user, and device. This means Settings.Secure.ANDROID_ID now returns IDs that are unique to the app/device combination, which makes things safer for the user.Yovonnda
D
4

In order to include Android 9 I have only one idea that could still work that (probably) doesn't violate any terms, requires permissions, and works across installations and apps.

Fingerprinting involving a server should be able to identify a device uniquely. The combination of hardware information + installed apps and the installation times should do the trick. First installation times do not change unless an app is uninstalled and installed again. But this would have to be done for all apps on device in order to not be able to identify the device (ie. after a factory reset).

This is how I would go about it:

  1. Extract hardware information, application package names and first installation times.

This is how you extract all applications from Android (no permissions needed):

final PackageManager pm = application.getPackageManager();
List<ApplicationInfo> packages = 
pm.getInstalledApplications(PackageManager.GET_META_DATA);

for (ApplicationInfo packageInfo : packages) {
    try {
        Log.d(TAG, "Installed package :" + packageInfo.packageName);
        Log.d(TAG, "Installed :" + pm.getPackageInfo(packageInfo.packageName, 0).firstInstallTime);
    } catch (PackageManager.NameNotFoundException e) {
        e.printStackTrace();
    }
}
  1. You may want to make a hash of the each package name and installation timestamp combination, before sending it to the server, as it may or may not be any of your business what the user has installed on the device.
  2. Some apps (a lot actually) are system apps. These are likely to have the same installation timestamp, matching the latest system update after a factory reset. Because they have the same installation timestamp they are cannot be installed by the user, and can be filtered out.
  3. Send the info to the server and let it look for nearest match amongst previously stored info. You need to make a threshold when comparing with previously stored device info as apps are installed and uninstalled. But my guess is that this threshold can be very low, as any package name and first time installation timestamp combination alone will be pretty unique for a device, and apps are not that frequently installed and uninstalled. Having multiple apps just increases the probability of being unique.
  4. Return the generated unique id for the match, or generate a unique id, store with device info and return this new id.

NB: This is a non-tested and non-proved method! I am confident it will work, but I am also pretty sure that if this catches on, they will close it down one way or another.

Dawndawna answered 31/1, 2019 at 15:27 Comment(0)
C
4

Here is a simple answer to get AAID, tested working properly June 2019

 AsyncTask<Void, Void, String> task = new AsyncTask<Void, Void, String>() {
        @Override
        protected String doInBackground(Void... params) {
            String token = null;
            Info adInfo = null;
            try {
                adInfo = AdvertisingIdClient.getAdvertisingIdInfo(getApplicationContext());
            } catch (IOException e) {
                // ...
            } catch ( GooglePlayServicesRepairableException e) {
                // ...
            } catch (GooglePlayServicesNotAvailableException e) {
                // ...
            }
            String android_id = adInfo.getId();
            Log.d("DEVICE_ID",android_id);

            return android_id;
        }

        @Override
        protected void onPostExecute(String token) {
            Log.i(TAG, "DEVICE_ID Access token retrieved:" + token);
        }

    };
    task.execute();

read full answer in detail here:

Cotta answered 11/6, 2019 at 16:55 Comment(0)
U
3

If you add: 

Settings.Secure.getString(context.contentResolver,
    Settings.Secure.ANDROID_ID)

Android Lint will give you the following warning:

Using getString to get device identifiers is not recommended. Inspection info: Using these device identifiers is not recommended other than for high value fraud prevention and advanced telephony use-cases. For advertising use-cases, use AdvertisingIdClient$Info#getId and for analytics, use InstanceId#getId.

So, you should avoid using this.

As mentioned in Android Developer documentation :

1: Avoid using hardware identifiers.

In most use cases, you can avoid using hardware identifiers, such as SSAID (Android ID) and IMEI, without limiting required functionality.

2: Only use an Advertising ID for user profiling or ads use cases.

When using an Advertising ID, always respect users' selections regarding ad tracking. Also, ensure that the identifier cannot be connected to personally identifiable information (PII), and avoid bridging Advertising ID resets.

3: Use an Instance ID or a privately stored GUID whenever possible for all other use cases, except for payment fraud prevention and telephony.

For the vast majority of non-ads use cases, an Instance ID or GUID should be sufficient.

4: Use APIs that are appropriate for your use case to minimize privacy risk.

Use the DRM API for high-value content protection and the SafetyNet APIs for abuse protection. The SafetyNet APIs are the easiest way to determine whether a device is genuine without incurring privacy risk.

Ulster answered 24/7, 2019 at 7:34 Comment(0)
H
2
String SERIAL_NUMER = Build.SERIAL;

Returns SERIAL NUMBER as a string which unique in each device.

Headwaters answered 7/9, 2017 at 14:31 Comment(0)
F
2

Serial Number is a unique device ID available via android.os.Build.SERIAL.

public static String getSerial() {
    String serial = "";
    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O){
        serial = Build.getSerial();
    }else{ 
        serial = Build.SERIAL;    
    }
    return serial;
}

Make sure you have READ_PHONE_STATE permission before calling getSerial().

NOTE:- It is Not available with Devices without telephony (like wifi only tablets).

Franciscafranciscan answered 14/12, 2017 at 15:2 Comment(1)
Note that the docs say that this will return the hardware serial number "if available", suggesting that Build.SERIAL (or Build.getSerial()) is not always available. More info is available in the blog post Changes to Device Identifiers in Android O. Also worth a read: Best Practices for Unique Identifiers.Compact
P
2

For completeness, here is how you can get the Id in Xamarin.Android and C#:

var id = Settings.Secure.GetString(ContentResolver, Settings.Secure.AndroidId);

Or if you are not within an Activity:

var id = Settings.Secure.GetString(context.ContentResolver, Settings.Secure.AndroidId);

Where context is the passed in context.

Pannonia answered 21/1, 2019 at 7:13 Comment(0)
E
1

Get the device ID only once, and then store it in a database or a file. In this case, if it is the first boot of the app, it generates an ID and stores it. Next time, it will only take the ID stored in the file.

Elizaelizabet answered 21/10, 2013 at 10:4 Comment(1)
The idea is to have an ID that survives the app being uninstalled and re installed. Saving an ID to a data base doesn't help because the data base is removed when the app is uninstalled.Compact
P
1

Yes, every Android device have a unique serial numbers you can able to get it from this code. Build.SERIAL. Note that it was only added in API level 9, and it may not be present on all devices. To get a unique ID on earlier platforms, you'll need to read something like the MAC address or IMEI.

Pastor answered 11/9, 2019 at 14:9 Comment(0)
P
1
android.telephony.TelephonyManager.getDeviceId()

This will return whatever string uniquely identifies the device (IMEI on GSM, MEID for CDMA).

You'll need the following permission in your AndroidManifest.xml:

<uses-permission android:name="android.permission.READ_PHONE_STATE" />
Parlous answered 25/9, 2019 at 11:5 Comment(1)
It's deprecatedCalci
P
1

After much searching. I realized there is no sure way to have a unique ID.

Suppose we want each user to be able to use the application on only one phone.

What I do is:

When a user registers in my app, I save the current time as a unique ID both on the server and in the application database.

When the user tries to login on another phone, I fetch the user information from the server and realize that this user has already been logged in because the unique ID field is full, so show him/her a dialog that he/she has already logged in to another device, whether he wants to leave the previous session or not, if he says yes, I will create a new unique ID for him and update the unique ID details on the server.

In my own app, I get the user profile from the server every time it runs. If the unique ID stored on the server is different from the unique ID stored in the application database, I will automatically log out of the user.

Picturesque answered 8/3, 2022 at 10:23 Comment(3)
What if the user re-installs the app on his device? This approach will fail.Tadeo
@Tadeo the user is signing in to the app with credentials so re-installing the app is not an issue, since they would have to log in again.Urethritis
@Urethritis We have a financial app where people try to clone and bypass securities, so we need to have a check which user is signing how many times from a device. In our case, this technique fails.Tadeo
M
1

This example demonstrates how to get and store device ID in Android but I using Kotlin.

      val textView: TextView = findViewById(R.id.textView)
      val uniqueId: String = Settings.Secure.getString(contentResolver, Settings.Secure.ANDROID_ID)
      textView.text = "Device ID: $uniqueId"
Misnomer answered 27/9, 2022 at 17:1 Comment(2)
but this can change if app is re-installedSubtemperate
If you wanna avoid to changing it by re-installing, you should take unique ID from FirebaseMisnomer
L
1

Generate Device Identifier

 private String generateDeviceIdentifier() {
    String uniqueDevicePseudoID = "35" +
            Build.BOARD.length() % 10 +
            Build.BRAND.length() % 10 +
            Build.DEVICE.length() % 10 +
            Build.DISPLAY.length() % 10 +
            Build.HOST.length() % 10 +
            Build.ID.length() % 10 +
            Build.MANUFACTURER.length() % 10 +
            Build.MODEL.length() % 10 +
            Build.PRODUCT.length() % 10 +
            Build.TAGS.length() % 10 +
            Build.TYPE.length() % 10 +
            Build.USER.length() % 10;

    String serial = Build.getRadioVersion();
    String uuid = new UUID(uniqueDevicePseudoID.hashCode(), serial.hashCode()).toString();
    Log.e("DeviceIdentifier ", "\nDeviceIdentifier uuid is : " + uuid);
    return uuid;
}

Output

DeviceIdentifier uuid is : 00000000-36ab-9c3c-0000-0000714a4f37

enter image description here

Lake answered 4/10, 2022 at 6:8 Comment(0)
M
0

Check for SystemInfo.deviceUniqueIdentifier

Documentation: http://docs.unity3d.com/Documentation/ScriptReference/SystemInfo-deviceUniqueIdentifier.html

A unique device identifier. It is guaranteed to be unique for every device (Read Only).

iOS: on pre-iOS7 devices it will return hash of MAC address. On iOS7 devices it will be UIDevice identifierForVendor or, if that fails for any reason, ASIdentifierManager advertisingIdentifier.

Maguire answered 6/1, 2014 at 22:30 Comment(0)
C
0

To get a user id you can use Google Play Licensing Library.

To download this library open SDK Manager => SDK Tools. The path to downloaded library files is:

path_to_android_sdk_on_your_pc/extras/google/market_licensing/library

Include the library in your project (you can simply copy its files).

Next you need some implementation of Policy interface (you can simply use one of two files from the library: ServerManagedPolicy or StrictPolicy).

User id will be provided for you inside processServerResponse() function:

public void processServerResponse(int response, ResponseData rawData) {
    if(rawData != null) {
        String userId = rawData.userId
        // use/save the value
    }
    // ...
}

Next you need to construct the LicenseChecker with a policy and call checkAccess() function. Use MainActivity.java as an example of how to do it. MainActivity.java is located inside this folder:

path_to_android_sdk_on_your_pc/extras/google/market_licensing/sample/src/com/example/android/market/licensing

Don't forget to add CHECK_LICENSE permission to your AndroidManifest.xml.

More about Licensing Library: https://developer.android.com/google/play/licensing

Conde answered 3/8, 2019 at 12:41 Comment(0)
K
0

Android restricts the hardware related Id after Android O, therefore, Android_Id is the solution for unique id but it has an issue when reflector the device it will generate new android_id to overcome this problem we can use the DRUMID.

val WIDEVINE_UUID = UUID(-0x121074568629b532L, -0x5c37d8232ae2de13L)
val drumIDByteArray = MediaDrm(WIDEVINE_UUID).getPropertyByteArray(MediaDrm.PROPERTY_DEVICE_UNIQUE_ID)

val drumID = android.util.Base64.encodeToString(drumIDByteArray,android.util.Base64.DEFAULT)
Kuhns answered 19/5, 2020 at 14:54 Comment(0)
J
-2

You will get the wifi mac address by using the following code, regardless whether you used a randomized address when you tried to connect to the wifi or not, and regardless whether the wifi was turned on or off.

I used a method from the link below, and added a small modification to get the exact address instead of the randomized one:

Getting MAC address in Android 6.0

public static String getMacAddr() {
StringBuilder res1 = new StringBuilder();
try {
List<NetworkInterface> all =     
Collections.list(NetworkInterface.getNetworkInterfaces());
for (NetworkInterface nif : all) {    
if (!nif.getName().equalsIgnoreCase("p2p0")) continue;

        byte[] macBytes = nif.getHardwareAddress();
        if (macBytes == null) {
            continue;
        }

        res1 = new StringBuilder();
        for (byte b : macBytes) {
            res1.append(String.format("%02X:",b));
        }

        if (res1.length() > 0) {
            res1.deleteCharAt(res1.length() - 1);
        }
    }
} catch (Exception ex) {
}
return res1.toString();

}

Jeaninejeanlouis answered 23/9, 2020 at 16:7 Comment(1)
this was not the question.Dene
S
-3

package com.aapbd.appbajarlib.common;

import android.os.Build;

import java.util.Locale;
import java.util.UUID;

public class DeviceID {



    public  static String getDeviceLanguage()
    {

        Locale locale=Locale.getDefault();
        return locale.getDisplayLanguage();

    }

    public  static String getDeviceCountry()
    {

        Locale locale=Locale.getDefault();
        return locale.getDisplayCountry();

    }


    public static String getDeviceName() {
        String manufacturer = Build.MANUFACTURER;
        String model = Build.MODEL;
        if (model.startsWith(manufacturer)) {
            return capitalize(model);
        } else {
            return capitalize(manufacturer) + " " + model;
        }
    }

    public static String getAndroidVersion() {

            String release = Build.VERSION.RELEASE;
            int sdkVersion = Build.VERSION.SDK_INT;
            return sdkVersion + " (" + release +")";

    }

    public static int getAndroidAPILevel() {

        int sdkVersion = Build.VERSION.SDK_INT;
        return sdkVersion;

    }




    private static String capitalize(String s) {
        if (s == null || s.length() == 0) {
            return "";
        }
        char first = s.charAt(0);
        if (Character.isUpperCase(first)) {
            return s;
        } else {
            return Character.toUpperCase(first) + s.substring(1);
        }
    }


    /**
     * Return pseudo unique ID
     * @return ID
     */
    public static String getUniquePsuedoID() {
        // If all else fails, if the user does have lower than API 9 (lower
        // than Gingerbread), has reset their device or 'Secure.ANDROID_ID'
        // returns 'null', then simply the ID returned will be solely based
        // off their Android device information. This is where the collisions
        // can happen.
        // Thanks http://www.pocketmagic.net/?p=1662!
        // Try not to use DISPLAY, HOST or ID - these items could change.
        // If there are collisions, there will be overlapping data
        String m_szDevIDShort = "35" + (Build.BOARD.length() % 10) + (Build.BRAND.length() % 10) + (Build.CPU_ABI.length() % 10) + (Build.DEVICE.length() % 10) + (Build.MANUFACTURER.length() % 10) + (Build.MODEL.length() % 10) + (Build.PRODUCT.length() % 10);

        // Thanks to @Roman SL!
        // https://mcmap.net/q/11063/-is-there-a-unique-android-device-id
        // Only devices with API >= 9 have android.os.Build.SERIAL
        // http://developer.android.com/reference/android/os/Build.html#SERIAL
        // If a user upgrades software or roots their device, there will be a duplicate entry
        String serial = null;
        try {
            serial = android.os.Build.class.getField("SERIAL").get(null).toString();

            // Go ahead and return the serial for api => 9
            return new UUID(m_szDevIDShort.hashCode(), serial.hashCode()).toString();
        } catch (Exception exception) {
            // String needs to be initialized
            serial = "serial"; // some value
        }

        // Thanks @Joe!
        // https://mcmap.net/q/11063/-is-there-a-unique-android-device-id
        // Finally, combine the values we have found by using the UUID class to create a unique identifier
        return new UUID(m_szDevIDShort.hashCode(), serial.hashCode()).toString();
    }

}

I am using this and it's working over the last 6 years.

Here's the library: https://github.com/nillbiplob/AppBajarLIB

Stallfeed answered 23/10, 2021 at 18:56 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.