Activation mechanism for mobile applications.

Hello,

I am trying to figure a way to protect my 1c mobile application through some sort of licence scheme. I am delivering apks for android.
The problem  is that a user can easily reuse the apk on another device. I can password protect the application on first use but there are software like Helium where you can easily backup and restore a whole installation to another device. I thought of a standard serial and activation scheme but there doesnt seem to be any way to get a unique identification code for the specific device through the platform.

Any advice on what to do?

Since the platform does not provide a way i am thinking of creating a native android application to return a unique id for the device. I need to call this application from 1c.

I guess i need to use this :

MobileDeviceApplicationLaunch()

Can anyone provide an example of using this function? I cannot find anything in the manuals.

Hello, Constantinos Anastasiou!

Here is an example of using this function to run a scanner:

Application = New MobileDeviceApplicationLaunch();
Application.Action = "com.google.zxing.client.android.SCAN";
Application.Run(True);
For Each Row In Application.ExtrasData Do
    UserMessage = New UserMessage;
    UserMessage.Text = Row.Key + ": " + Row.Value;
    UserMessage.Message();
EndDo;

Constantinos Anastasiou,
IMHO, there is no way to protect 1C mobile app completely.
Configuration file stores in apk without any encryption, so it is very easy extract it fr om your application, change and build new apk without protection.
Of course, now it is impossible to convert 1cema.xml into source code (file contains only op-code).
But opcode is readable and understandable by developer, community definitely will create some "decomplication" tool soon.

Much better to build an app in service model - wh ere most important algorithms work in cloud.
Mobile app send a request to cloud with some data and device ID. On server you check this ID and process\decline request. So mobile app does not contain any valuable algorithms.
This makes "piracy" is simply useless.

Other option - move valuable algorithms to native app and run it from 1C.
This native app should check device ID in cloud, and do work or raise error.

Hello Aleksey.

We just need to hava a basic protection from end users. From developers you are right only cloud apps can be fully ptotected.

Also could be helpful SystemInfo object (instead of using native app to get a device unique ID).
According to SyntaxAssistant, it works on mobile devices.

SysInfo = New SystemInfo;
Message(SysInfo.ClientID);

SystemInfo.ClientID should work but we cannot really rely on this because this is unique for new installations.
If you use for example helium software to backup and restore to a new device think it will stay the same.
I am not 100% sure but i think this is the case.



Is there any documentation on how to create the Native Android application in order to be called from the MobileDeviceApplicationLaunch Object?