Disclose SDK data collection in your privacy policy, configure system and optional permissions, and initialize the SDK only after users consent to comply with personal information protection regulations.
Disclose SDK Usage in the Privacy Policy
App operators must inform end users how the SDK processes personal information, including the SDK name, business functions, processing purpose, types of personal information collected, and a privacy policy link.
Describe the Device Fraud Detection SDK separately in your app's Privacy Policy and include the following in the Third-Party Sharing List:
-
SDK name: Device Fraud Detection SDK
-
Business functions: Detect abnormal devices and identify cheating and fraud risks
-
Types of personal information collected: Specify based on the actual data items collected
-
Permissions used: Specify based on the actual permission configuration
-
Privacy policy link: https://terms.aliyun.com/legal-agreement/terms/suit_bu1_ali_cloud/suit_bu1_ali_cloud202111120818_92724.html
SDK system permissions
The Device Fraud Detection SDK requires the following system permissions. Required permissions must be granted for the SDK to function properly. Optional permissions enhance detection capabilities but are not mandatory.
Android
|
Permission |
Required |
Purpose |
When to request |
|
INTERNET |
Yes |
Obtain network access. The SDK is unavailable without this permission. |
Before calling the data collection API |
|
ACCESS_NETWORK_STATE |
No (Recommended) |
Obtain device network status. |
Before calling the data collection API |
|
READ_PHONE_STATE |
No (Recommended) |
Obtain device fingerprint-related ID fields. |
Before calling the data collection API |
|
WRITE_EXTERNAL_STORAGE READ_EXTERNAL_STORAGE |
No (Recommended) |
Cache configuration files on the local disk. |
Before calling the data collection API |
iOS
|
Permission |
Required |
Purpose |
When to request |
|
NSLocalNetworkUsageDescription |
No (Recommended) |
Detect local area network connectivity to identify threats such as modem pools and device farms. |
Before calling the data collection API |
|
NSUserTrackingUsageDescription |
No |
Obtain the identifier for advertisers (IDFA) to improve device ID stability. |
Before calling the data collection API |
HarmonyOS
|
Permission |
Required |
Description |
|
ohos.permission.INTERNET |
Yes |
Network access. The SDK requires a network connection to function. |
|
ohos.permission.GET_NETWORK_INFO |
Yes |
Network status verification. The SDK uses network status to provide better service. |
|
ohos.permission.STORE_PERSISTENT_DATA |
No (Recommended) |
Allow the app to store persistent data. The SDK uses this permission to enhance device fingerprint stability. |
|
ohos.permission.DISTRIBUTED_DATASYNC |
No (Recommended) |
Multi-device collaboration. The SDK detects the status of multiple devices to enhance security. |
|
ohos.permission.APP_TRACKING_CONSENT |
No (Recommended) |
Obtain the advertising identifier. The SDK uses IDFA information to improve device ID stability. |
Configure optional personal information collection
The SDK collects certain personal information by default. You can control the collection scope by using the DataType parameter in the data collection API, which supports single or multiple selection. Disabling data collection reduces the corresponding detection capabilities. Configure based on your business needs.
Android configuration
Set the DataType field of the option parameter in the data collection API. To select a single type, use a value such as NO_UNIQUE_DEVICE_DATA. To select multiple types, combine values with the | character, such as NO_UNIQUE_DEVICE_DATA|NO_IDENTIFY_DEVICE_DATA.
|
Personal information field |
Description |
DataType configuration field |
|
OAID, Google Advertising ID, Android_ID |
Changeable unique device identifier |
NO_UNIQUE_DEVICE_DATA |
|
IMEI, IMSI, SimSerial, BuildSerial (SN), MAC address |
Unchangeable unique device identifier |
NO_IDENTIFY_DEVICE_DATA |
|
Device name (Build.DEVICE), Android version (Build.VERSION.RELEASE), screen resolution |
Basic device information |
NO_BASIC_DEVICE_DATA |
|
Fraudulent app list, local area network IP, DNS IP, connected Wi-Fi information (SSID, BSSID), nearby Wi-Fi list, location information |
Extended information |
NO_EXTRA_DEVICE_DATA |
Code example:
// Add a privacy data collection switch. Do not collect NO_IDENTIFY_DEVICE_DATA type data. Use | to combine multiple values.
Map<String, String> options = new HashMap<>();
options.put("DataType", String.valueOf(NO_IDENTIFY_DEVICE_DATA));
// Collect data through the Device Fraud Detection SDK. Call the data collection API as early as possible within the risk scenario.
SecurityDevice.getInstance().initWithOptions(this, ALIYUN_APPKEY, options, null);iOS configuration
|
Personal information field |
Description |
Configuration method |
|
IDFA |
Advertising identifier |
Download the SDK version that collects or does not collect IDFA from the console. |
Initialize the SDK and call features
When users first launch the app, initialize the SDK and call its APIs only after users agree to the privacy policy and actively use the SDK feature. Do not collect device information immediately after users consent to the privacy policy. For configuration details, see the integration guide for your platform: select "Data Collection" in the Android integration guide, or "Collect Data Using the SDK" in the iOS integration guide.