Lisk-mobile: Stop using Android ID ( the getUniqueId method ) as username for keychain storage #1940

ManuGowda · 2023-07-20T15:32:13Z

Expected behavior

Using the Android ID may raise concerns about users' privacy and it forces the READ_PHONE_STATE permission to be used, which may be alarming for users. Use an application-wild constant instead, possibly concatenated with a random string.

Reference: https://github.com/LiskHQ/lisk-mobile/blob/52ac8a151ee4f4fe6f3dbd3f50343ca2052731c9/src/modules/Auth/utils/recoveryPhrase.js#L105-L105

ManuGowda added the type: bug label Jul 20, 2023

sridharmeganathan added this to the Sprint 69 milestone Jul 31, 2023

sridharmeganathan mentioned this issue Aug 1, 2023

Prepare Lisk Mobile v3.0.0 for rc #1368

Closed

97 tasks

Balanced02 self-assigned this Aug 2, 2023

Balanced02 mentioned this issue Aug 2, 2023

lisk mobile stop using android id the getuniqueid method as username for keychain storage #1969

Merged

2 tasks

Balanced02 linked a pull request Aug 2, 2023 that will close this issue

lisk mobile stop using android id the getuniqueid method as username for keychain storage #1969

Merged

2 tasks

ManuGowda closed this as completed Aug 3, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Lisk-mobile: Stop using Android ID ( the getUniqueId method ) as username for keychain storage #1940

Lisk-mobile: Stop using Android ID ( the getUniqueId method ) as username for keychain storage #1940

ManuGowda commented Jul 20, 2023

Lisk-mobile: Stop using Android ID ( the getUniqueId method ) as username for keychain storage #1940

Lisk-mobile: Stop using Android ID ( the getUniqueId method ) as username for keychain storage #1940

Comments

ManuGowda commented Jul 20, 2023

Expected behavior