HomeArticlesCommunity ProductsPremium ProductsGitHubTalsec Website

Detecting unofficial installation

Users can share a copy of the application on unofficial stores or various pirate forums. While some users download these copies to avoid paying for the product, they can include unknown and possibly dangerous modifications. Verifying an official installation consequently protects both the users and the owner. This reaction is also triggered, if you install the application through alternative ways like unofficial store or Xcode build.

Below are code snippets demonstrating detection of unofficial installation across various platforms:

// Android
override fun onUntrustedInstallationSourceDetected() {...}

// iOS
case unofficialStore

// Flutter
onUnofficialStore: () => print("Unofficial store")

// Cordova 
unofficialStore: () => {
    // Place your reaction here 
}

// React Native
unofficialStore: () => {
    // Place your reaction here 
}

// Capacitor
unofficialStore: () => {
    // Place your reaction here 
}

Recommended action: Notify users that the application is installed from an unofficial store. In some cases, it is recommended to even kill the application.

Define alternative supported stores

If you want to define which applications can install the application, insert its package name in the supportedAlternativeStores (or supportedStores on Flutter) parameter. If you publish on Google Play, Huawei AppGallery, App Store (iOS), and TestFlight (iOS), you don't need to assign anything, as they are already supported out of the box.

Store / Distribution methodPackage nameNotes

App Store (iOS)

Included by default, no action needed

TestFlight (iOS)

Included by default, no action needed

Google Play

Included by default, no action needed

Huawei AppGallery

Included by default, no action needed

Firebase App Distribution

dev.firebase.appdistribution

Samsung Galaxy Store

com.sec.android.app.samsungapps

Common on Samsung devices

Vivo App Store

com.vivo.appstore

Common on Vivo devices

HeyTap

com.heytap.market

Common on Realme and Oppo devices

Oppo App Market

com.oppo.market

Common on Oppo devices

GetApps

com.xiaomi.mipicks

Common on Xiaomi, Redmi and POCO devices

The application can also be installed by "cloning" apps, which users employ to transfer apps between devices. The following list comprises popular examples of such apps. By default, freeRASP categorizes them as installations from an unofficial store .

Mover / Cloner appPackage name

Mi Mover (Xiaomi)

com.miui.huanji

Phone Clone (Huawei)

com.hicloud.android.clone

Samsung Smart Switch

com.sec.android.easyMover

Samsung Cloud for Wear OS

com.samsung.android.scloud

OPPO Clone Phone

com.coloros.backuprestore

EasyShare (Vivo)

com.vivo.easyshare

Clone Phone (OnePlus)

com.oneplus.backuprestore

SHAREit (Lenovo)

com.lenovo.anyshare.gps

SHAREit Lite

shareit.lite

ShareMe (Xiaomi)

com.xiaomi.midrop

MIUI Backup (Xiaomi)

com.miui.backup

Phone Clone (Honor)

com.hihonor.android.clone

Finally, it's very common application gets installed through browser, file manager, cloud storage or various messaging apps. By default, freeRASP categorizes them as installations from unofficial store.

PreviousDebugger detectionNextDevice binding detection

Last updated

Logo

Company

General Terms and Conditions

Stay Connected

LinkedInXYouTube