trustdevice_pro_plugin 1.1.0

Flutter plugin that can be used in an application to call the native mobrisk Pro libraries and identify devices.

Integrated Requirement

Compliance Explanation

Please note that when integrating SDK products provided by the TrustDecision in the APP of your company:

1.1 According to the user's information protection regulations, before your users start the App for the first time and start collecting information, your company should fully inform the user of the purpose, method, and scope of collecting, using, and sharing the user's personal information with a third party through an interactive interface or design (such as a pop-up window of the privacy policy), and obtain the express consent of the end user.

1.2 To provide business security and risk control services to your company, the TrustDecision SDK will collect, process, and use the identification information（IMEI/IDFA）, AndroidID, IMSI, MEID, MAC address, SIM card serial number, device type, device model, system type, geographical location, login IP address, application list, running process, sensor information(light sensor, gravity sensor, magnetic field sensor, acceleration sensor, gyroscope sensor) and other device information of the user's device. To ensure compliance with your use of related services, the aforementioned privacy policy should cover the authorization of TrustDecision SDK to provide services and collect, process, and use relevant information. The following terms are for your reference. The specific expression can be determined by your company according to the overall framework and content of your privacy agreement:

TrustDecision SDK: For business security and risk control, our company uses the TrustDecision SDK. The SDK needs to obtain the information of your devices, such as （IMEI/IDFA）, AndroidID, IMSI, MAC address, SIM card serial number, device type, device model, system type, geographic location, login IP address, application list, running process, sensor information(light sensor, gravity sensor, magnetic field sensor, acceleration sensor, gyroscope sensor) and other related device information, for fraud risk identification.

Privacy Protocol: https://www.trustdecision.com/legal/privacy-policy

Precautions

Ensure that the trustdevice_pro_plugin is initialized after the user agrees to the privacy agreement, so as to avoid the occurrence of trustdevice_pro_plugin initialization and collection without the user's consent to the privacy agreement, which may cause compliance risks.

Quick start

1.Add trustdevice_pro_plugin to the pubspec.yaml in your Flutter app

dependencies:
  flutter:
    sdk: flutter
  ...
  trustdevice_pro_plugin: ^1.1.0

2.Android permission application

Declare the following permissions in the AndroidManifest.xml file under the application module

<manifest>
   <!--Compulsory permissions-->
   <uses-permission android:name="android.permission.INTERNET"/>
   <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
   <uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>

   <!--The following permissions are optional. If this part of the authority is not declared, the acquisition of some device information will be abandoned, which will have a certain effect on data analysis and the accuracy of the fingerprint of the device fingerprint-->
   <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
   <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
   <uses-permission android:name="android.permission.READ_PHONE_STATE" />
   <!-- This permission is required for Android 11 and above to obtain the installation package list. Collecting the installation package list involves risk and compliance. Whether this permission is required is optional for the business party
select -->
   <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/>
</manifest>

Dynamic application permissions: Android 6.0 or above requires dynamic application permissions. Dynamic application permissions code must be placed before the initial plugin. The code example is as follows:

//The following permissions are not required to be applied for, 
//and can be selectively applied for according to business conditions
 Future<void> _requestPermission() async {
    Map<Permission, PermissionStatus> statuses = await [
      Permission.location,
      Permission.phone,
    ].request();
  }

3.Initial configuration

import 'package:trustdevice_pro_plugin/trustdevice_pro_plugin.dart';
// ...

// Initialization
class _MyAppState extends State<MyApp> {
  final _trustdeviceProPlugin = TrustdeviceProPlugin();
  @override
  void initState() async {
    super.initState();
    var options = {
            "partner": "[Your partner]",
            "appKey": "[Your appKey]",
            "appName": "[Your appName]",
            "country": "[Your country code]",
        };
    //initialize the configuration and return the blackbox
    var blackbox = await _trustdeviceProPlugin.initWithOptions(options);
  }
  // ...
}

Required Configuration

Key	Definition	Description	Platform	Sample code
partner	Partner code	Partner, please contact TrustDecision to obtain	All	options["partner"] = "[Your partner]"
appKey	App key	Appkey, please offer your App bundleId for TrustDecision to obtain appkey creation requires the user to provide the application bundleId. ⚠️ Different values for bundleId are used for different applications	All	options["appKey"] = "[Your appKey]"
appName	App name	AppName, please contact TrustDecision to obtain	All	options["appName"] = "[Your appName]"
country	Country code	cn: means China; sg: means Singapore; us: means North America; fra: means Europe	All	options["country"] = "[Your country code]"

We also provide optional parameter configuration, see the attached table for details (list of optional parameters for initial configuration)

4.Get the blackbox code example as follows

Attention

• Please getBlackBox after initWithOptions, otherwise SDK exceptions will be caused.
• We suggest that developers do not cache the results returned by getBlackBox in the app. Please rely on this function to get blackbox.

 Future<String> _getPlatformBlackBox() async {
    var blackbox = await _trustdeviceProPlugin.getBlackbox();
    return Future.value(blackbox);
  }

Get SDK Version

Sample Code

// Get SDK Version
 Future<String> _getSDKVersion() async {
    var sdkVersion = await _trustdeviceProPlugin.getSDKVersion();
    return Future.value(sdkVersion);
  }

Other Instructions

Android obfuscated packaging If developers need to use proguard for obfuscated packaging, please add the following code to the proguard configuration file:

-keep class cn.tongdun.**{*;}

Initial configuration optional parameter list

Key	Definition	Description	Platform	Sample code
allowed	Whether allow debug	default is false,After the SDK is integrated, the app has the anti-debugging function by default. Develop: Please set value to true. Release: Please not set this key or set value to false Options: true: allow debug; false: not allow debug	All	options["allowed"] = true
timeLimit	SDK timeout interval Configuration (unit: seconds)	Timeout interval of network request callback after SDK initialization. Default is 15s.	All	options["timeLimit"] = 5
location	Whether collect location information	default is true,SDK will collect location if the app has been authorized to get location information. Options: true: allow collect location information; false: not allow collect location information	All	options["location"] = true
collectLevel	Degraded blackbox length configuration	Degraded blackbox will be longer. This configuration allows you to control the length of the degraded blackbox. Options: "M": After setting, the degraded blackbox length is about 2000 characters; "L": default value, after setting, the degraded length is about 5000 characters	All	options["collectLevel"] = "M"
IDFA	Whether collect Advertising Identifier (IDFA) information	default is true,SDK will collect IDFA information if the app has been authorized to get IDFA information. Options: true: allow collect IDFA information; false: not allow collect IDFA information	iOS	options["IDFA"] = true
deviceName	Whether collect device's name information	default is true,SDK will collect device's name information. Options: true: allow collect device's name information; false: not allow collect device's name information	iOS	options["deviceName"] = true
blackBoxMaxSize	blackbox maximum length	The default length is Integer.MAX_VALUE, it will increase according to the actual device situation	Android	options["blackBoxMaxSize"] = 3000
customProcessName	custom process name	change the name of the SDK's process	Android	options["customProcessName"] = "td"
forceTLSVersion	Whether https is mandatory to use TLS-v1.1 version	default is false, and the developer can set the corresponding settings according to the specific situation. Options: true: use TLS-v1.1 version; false: not use TLS-v1.1 version	Android	options["forceTLSVersion"] = true
runningTasks	Whether allow getting running tasks	default is true. Options: true: allow getting running tasks; false: not allow getting running tasks	Android	options["runningTasks"] = true
sensor	Whether collect sensor information	default is true,SDK will collect sensor-related information. Options: true: collect sensor information; false: not collect sensor information	Android	options["sensor"] = true
readPhone	Whether collect READ_PHONE_STATE related information	default is true,SDK will collect READ_PHONE_STATE information if app gained READ_PHONE_STATE permission Options: true: collect READ_PHONE_STATE related information; false: not collect READ_PHONE_STATE related information	Android	options["readPhone"] = true
installPackageList	Whether collect the list of installation packages	default is true,SDK will collect the list of installation packages. Options: true: collect the list of installation packages; false: not collect the list of installation packages	Android	options["installPackageList"] = true