i'm new to Adroid apps ecosystem. I built a simple app and notice there are two different ANDROID IDs (i'm runnig app in emulator)
/data/system/users/0/settings_secure.xml
file:<setting id="25" name="android_id" value="9f43e4f495a6730" package="android" defaultValue="9f43e4f495a6730" defaultSysSet="true" />
$adb shell settings get secure android_id
in Terminal ---> this is also one I get/data/system/users/0/settings_ssaid.xml
<setting id="4" name="10153" value="35ea805581c66911" package="com.example.app_v1.demo.debug" defaultValue="35ea805581c66911" defaultSysSet="false" tag="null" />
<setting id="5" name="10154" value="35ea805581c66911" package="com.example.app_v2.full.debug" defaultValue="35ea805581c66911" defaultSysSet="false" tag="null" />
Settings.Secure.getString(this.getContentResolver(), Settings.Secure.ANDROID_ID
---> this is the one I getCan someone share the
app_v1
and app_v2
output same ANDROID ID (35ea805581c66911). Is my understanding correct it's because post Android-O, this ANDROID ID is scoped by signing key and user as per https://developer.android.com/reference/android/provider/Settings.Secure#ANDROID_ID ?Thanks for clarification in advance
purpose of having two different IDs? which one to use in which usecase? it's a bit confusing both are called ANDROID IDs despite stored at different locations (Is my understanding correct #1 is perhaps used by system / Andorid apps and #2 is to be used used by user, 3rd party app)
From the documentation you linked, and the description in SettingsProvider.java I think your understanding is correct, the value in settings_secure.xml
is there for the Android OS itself to access, while the "SSAID" is for 3rd party apps to access.
If you are an app developer, you don't have a choice of which one to use, since you only have access to the "SSAID" version.
If your question is why it is necessary to assign different Android IDs per signing key, my guess is that is to prevent 3rd party libraries from tracking the user across applications. (Think something like Admob SDK)
also i find it odd that both my app_v1 and app_v2output same ANDROID ID (35ea805581c66911). Is my understanding correct it's because post Android-O, this ANDROID ID is scoped by signing key and user as per https://developer.android.com/reference/android/provider/Settings.Secure#ANDROID_ID ?
My guess is because your app_v1 and app_v2 are signed with the same signing key, and therefore the Android ID they see is the same.