Google Play Integrity Device Recall Beta
15 days ago
- #Google Play
- #device recall
- #app security
- Device recall allows apps to store and retrieve custom data associated with specific devices, preserving user privacy.
- Data is stored on Google's servers, enabling recall even after app reinstallation or device reset.
- Use cases include detecting severe abuse, preventing high-value item redemption abuse, and stopping repeated account creation for abusive purposes.
- Apps can read three custom values or bits per device when obtaining an integrity verdict.
- Modify per-device data within 14 days of obtaining an integrity token via a server-side call to Google Play's server.
- Device recall is limited to protecting app security and mitigating abuse, fraud, and unauthorized access.
- Prerequisites include recent versions of Google Play Store and Google Play services, and a Play licensed user account.
- Device recall data is stored for 3 years after the last read or write access.
- Apps can reset all three values to false to delete all data associated with a device.
- All apps under the same Google Play developer account share the same three values per device.
- Device recall settings can be turned on or off in the Play Console under App integrity settings.
- Device recall values can be read in integrity verdicts once enabled.
- Modifying device recall values involves a server-to-server API call with a propagation delay of up to 30 seconds.