This might be one of those “not answerable” or “just opinions”-questions but I thought I’d give it a shot.
I’m developing an app with health care information with a friend who’s a doctor. The basics of the app are done and the information in the database is shaping up, so now I’ve come to the question of whether, and if so how, I should restrict access to that information to just my app. The question of if is one I can answer, but any opinions are welcome. The question of how is where I need your help.
The app is written in Java on Android and the backend in Django. What ways do you see for restricting access to the backend so that other scripts/apps can’t access it? One idea I had was for the phone to request an API key on first start and bind it to the IMEI number, which I think is unique for each phone, then keep track of those tuples on the server.
We (as in I) will likely port this to iOS at some stage, so it needs to be fairly cross-platform; I thought about binding to Google accounts instead of the IMEI number before.
While there may be ways to make it harder, the general answer is no (what you are describing is similar in idea to DRM). You must assume that whoever has the application on their phone is able to reverse engineer it and (by definition) has all the necessary keys/passwords.
What you may do is restrict access to a certain account by using authentication, in a similar way to how Stack Exchange restricts access to your account to only you (but it cannot restrict you to a single application; I can fake the IE request by using telnet). Hence, check for the user in the backend and be prepared for (potentially) malicious input from a user who tried another application.
As last notes:
- You want to connect over https, of course.
- Check the regulations regarding handling medical data. While IANAL and I’ve never been in a medical-related industry, I do know that in some jurisdictions there are laws regarding handling such data, and if procedures are not followed you (or your friend) might be in trouble even if nothing happens.
- While spoofing IMEI numbers is not legal in many places, it is likely trivial to spoof one using an Android VM. Also, IIRC the IMEI is broadcast over the GSM network, whose crypto has been broken for the last 20 years or so (so it can be assumed to be transmitted as plaintext).
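As an added illustration of the advice above (example code, not from the original post or the asker's Django project): the server authenticates a user rather than a device, the secret stays server-side so nothing in the APK can reproduce it, and every request is authorized against that user with the client's input treated as untrusted. The user names, passwords and records are constructed sample data.

```python
import hashlib
import hmac
import secrets

# Server-side secret (generated here as a constructed value): it is never
# shipped inside the app, so reverse engineering the APK does not reveal it.
SERVER_SECRET = secrets.token_bytes(32)

# Constructed sample data. Passwords are kept in clear text only to keep the
# example short; a real deployment stores a salted password hash.
USERS = {"alice": "correct-horse", "bob": "battery-staple"}
RECORDS = {
    1: {"owner": "alice", "note": "blood pressure 120/80"},
    2: {"owner": "bob", "note": "allergy: penicillin"},
}


def _mac(username, nonce):
    return hmac.new(SERVER_SECRET, f"{username}:{nonce}".encode(), hashlib.sha256).hexdigest()


def issue_token(username, password):
    """Log a *user* in (not a phone) and return a token bound to that user, or None."""
    stored = USERS.get(username)
    if stored is None or not hmac.compare_digest(stored, password):
        return None
    nonce = secrets.token_hex(8)  # makes each login's token distinct
    return f"{username}:{nonce}:{_mac(username, nonce)}"


def user_from_token(token):
    """Verify the token on the server; anything we did not issue yields None."""
    if not isinstance(token, str) or token.count(":") != 2:
        return None
    username, nonce, mac = token.split(":")
    if not hmac.compare_digest(_mac(username, nonce), mac):
        return None
    return username


def get_record(token, record_id):
    """Authorize per user: a valid login for bob still cannot read alice's record.
    record_id arrives from an untrusted client, so its type is checked before lookup."""
    user = user_from_token(token)
    if user is None:
        return {"status": 401}
    if not isinstance(record_id, int) or isinstance(record_id, bool):
        return {"status": 400}
    rec = RECORDS.get(record_id)
    if rec is None or rec["owner"] != user:
        return {"status": 404}  # same reply for missing and foreign records
    return {"status": 200, "note": rec["note"]}
```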