Does Riskminder SDK DDNA information persist when App is reinstalled

book

Article ID: 129658

calendar_today

Updated On:

Products

CA Rapid App Security CA Advanced Authentication CA API Gateway

Issue/Introduction

Customers have queried if the DDNA API setRMDeviceId sets the DeviceID in persistent storage such that it can be accessed even when the underlying App is de-installed and re-installed. 

Does Riskminder SDK DDNA information (like DeviceID) persist when App deleted and reinstalled? 

Environment

Android SDK provided by Riskminder DDNA  SDK

Resolution

Current Design
DeviceID from App is stored in to the internal storage,  and once the corresponding app is uninstalled  all the data stored in internal storage is removed. 

Reason for the Design 
For security reason the data is removed as this information should be private to that particular application and also to have uniqueness with other Apps using Riskminder API's in end user mobiles.

So after re-installation previous Deviceid is not made available.

For more information on the android storage system please check the below link section (Internal Storage)
https://developer.android.com/guide/topics/data/data-storage

Additional Information

Android keychain can also be one of the options to store the DeviceID.  
Having said the above this would be custom implementation based on customer's business need and Broadcom does not suggest or restrict the customer for going with any specific approach to achieve storing of the DeviceID

Keychain related link
https://developer.android.com/reference/android/security/KeyChain