All Products
Search
Document Center

Device Risk Detection SDK for Android (2020)

Last Updated: Sep 30, 2021

This topic describes how to integrate and use Device Risk Detection SDK for Android.

Prerequisites

    Android 4.0.3 or later and minSdkVersion 15 or later are available.

Permissions

To enhance the fraud detection effect, Device Risk Detection SDK for Android requires the permissions described in the following table.

Permission

Required

Remarks

android.permission.INTERNET

Yes

Device Risk Detection SDK for Android cannot be used if it is not granted this permission.

android.permission.ACCESS_NETWORK_STATE

No (We recommend that you grant this permission to Device Risk Detection SDK for Android.)

This permission is used to obtain the network status of a device.

android.permission.READ_PHONE_STATE

No (We recommend that you grant this permission to Device Risk Detection SDK for Android.)

These permissions need to be dynamically requested in Android 6.0 or later.

If you want to enable the relevant permissions, make sure that your app has been granted the relevant permissions before you integrate and initialize Device Risk Detection SDK for Android.

android.permission.WRITE_EXTERNAL_STORAGE

No (We recommend that you grant this permission to Device Risk Detection SDK for Android.)

android.permission.READ_EXTERNAL_STORAGE

No (We recommend that you grant this permission to Device Risk Detection SDK for Android.)

Download and configure Device Risk Detection SDK for Android

  1. Download Device Risk Detection SDK for Android and decompress the SDK package. The SDK package is a standard .aar package for Android.

  2. Copy the .aar SDK package to the libs directory of your project. Add the following dependencies to the build.gradle file of the app module:

implementation files('libs/Android-AliyunDevice-Version number.aar')
implementation 'com.squareup.okhttp3:okhttp:3.11.0'
implementation 'com.squareup.okio:okio:1.14.0

Initialize Device Risk Detection SDK for Android

You must call the init operation at the earliest opportunity when the app starts.

  • Syntax

public interface SecurityInitListener {
    // The code parameter indicates the call status code of the operation.
    void onInitFinish(int code);
}

public void init(Context ctx, 
                 String userAppKey, 
                 SecurityInitListener securityInitListener);
  • Parameters

ctx: indicates the application context or activity context.

userAppKey: indicates the appkey of a user. You can create an appkey on the Device APP management tab in the Fraud Detection console.

securityInitListener: indicates the listener for the initialization result of Device Risk Detection SDK for Android. You can check whether the initialization is successful based on the callback notification. For more information about the value range of the code parameter, see the "Status codes" section of this topic.

  • Return value

None.

Obtain the client session

Obtain the client session and send it to the business server. Then, you can query the response from Device Risk Detection on the business server to obtain the device risk information.

Note: The getSession operation is time-consuming. Do not call the getSession operation in the UI thread. Otherwise, the app may unexpectedly quit due to an Application Not Responding (ANR) error.

  • Syntax

public class SecuritySession {
    // The code parameter indicates the call status code of the operation.
    public int code;
    
    // The session parameter indicates the session string that is used to query the response from Device Risk Detection on the business server.
    public String session;
}

public SecuritySession getSession();
  • Return value

The SecuritySession type is returned.

code: indicates the call status code of the operation. You can check whether the call is successful based on the status code. For more information about the value range of the code parameter, see the "Status codes" section of this topic.

session: indicates the session string. You can use the session string to query the response from Device Risk Detection on the business server.

Status codes

public class SecurityCode {
    private static final int SC_CODE_BASE = 10000;

    /**
     * The call is successful.
     */
    public static final int SC_SUCCESS = SC_CODE_BASE;

    /**
     * Device Risk Detection SDK for Android is not initialized.
     */
    public static final int SC_NOT_INIT = SC_CODE_BASE + 1;

    /**
     * One or more basic Android permissions are not granted to Device Risk Detection SDK for Android.
     */
    public static final int SC_NOT_PERMISSION = SC_CODE_BASE + 2;

    /**
     * An unknown error has occurred.
     */
    public static final int SC_UNKNOWN_ERROR = SC_CODE_BASE + 3;

    /**
     * A network error has occurred.
     */
    public static final int SC_NETWORK_ERROR = SC_CODE_BASE + 4;

    /**
     * A network error has occurred and the return value is an empty string.
     */
    public static final int SC_NETWORK_ERROR_EMPTY = SC_CODE_BASE + 5;

    /**
     * The format of the network response is invalid.
     */
    public static final int SC_NETWORK_ERROR_INVALID = SC_CODE_BASE + 6;

    /**
     * The server configuration failed to be parsed.
     */
    public static final int SC_PARSE_SRV_CFG_ERROR = SC_CODE_BASE + 7;

    /**
     * The gateway returns an error.
     */
    public static final int SC_NETWORK_RET_CODE_ERROR = SC_CODE_BASE + 8;

    /**
     * The specified appkey is empty.
     */
    public static final int SC_APPKEY_EMPTY = SC_CODE_BASE + 9;

    /**
     * A parameter error has occurred.
     */
    public static final int SC_PARAMS_ERROR = SC_CODE_BASE + 10;
}

Sample code

public class MainActivity extends AppCompatActivity {
    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);

        // Initialize Device Risk Detection SDK for Android. You must call the init operation at the earliest opportunity when the app starts.
        SecurityDevice.getInstance().init(this, "xxxxxxx", new SecurityInitListener() {
        @Override
        public void onInitFinish(int code) {
            if (SecurityCode.SC_SUCCESS ! = code) {
                    Log.e("AliyunDevice", "The initialization failed. The session string obtained by calling the getSession operation is invalid.");
                } else {
                    Log.i("AliyunDevice", "The initialization is successful.") ;
                }
            }
        });

        // Obtain the client session. The getSession operation is time-consuming. Do not call the getSession operation in the UI thread.
         new Thread(){
                @Override
                public void run() {
                    SecuritySession securitySession = SecurityDevice.getInstance().getSession();
                    if(null ! = securitySession){
                        if(SecurityCode.SC_SUCCESS == securitySession.code){
                            Log.d("AliyunDevice", "session: " + securitySession.session);

                            // Send the client session to the business server and query the response from Device Risk Detection Fraud Detection.
                            // sendToAPPServer(securitySession.session);
                        } else {
                            Log.e("AliyunDevice", "getSession error, code: " + securitySession.code);
                        }
                    } else {
                        Log.e("AliyunDevice", "getSession is null.") ;
                    }
                }
            }.start();
    }
}

Configure ProGuard

-keep class net.security.device.api.** {*;}
-dontwarn net.security.device.api. **

Call the Device Risk Detection API

Use the deviceToken and other parameters to call the Fraud Detection API in accordance with the following topics:

Device Risk Detection event and response parameters

The following figure shows the sequence diagram for integrating and using the SDK. Steps 1 and 2 are required only when you load the SDK for the first time. You can perform Steps 3 through 9 in a loop as needed.

Flow Chart of SDK