Better Mobile App

Safety Detect Ensures App Security to Be Accessible

From ride-hailing, navigation and mobile travel
To gaming, streaming, and social media
Mobile apps have become indispensable in daily life
But increased convenience puts sensitive user data at risk
HMS Core Safety Detect offers unique protections
For comprehensive app security with little effort!​
What Is Safety Detect?
Safety Detect is an open multi-dimensional security detection service offered by Huawei, that helps developers bolster app security capabilities, based on the Trusted Execution Environment (TEE) on Huawei phones, without compromising user experience.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
System Integrity Check (SysIntegrity)
SysIntegrity is capable of checking whether the user device is rooted, unlocked, or escalated for higher permissions, and uses this information to help you determine how and when to restrict your app's behavior to avoid potential leaking of sensitive user information or financial information.
A unique advantage of SysIntegrity is that it is based on the TEE OS, which is built into every Huawei phone (running EMUI 9.0 or later). The TEE OS comes with Huawei's in-house microkernel, which has achieved the prestigious CC EAL 5+ certification, and is the first solution of its kind to pass formal verification. Having integrated SysIntegrity, it can isolate apps for bolstered protection, and provide independent privacy security protection services. For example, services with high security requirements, such as the payment services, are provided with the appropriate level of protection in the TEE OS.
App Security Check (AppsCheck)
When your app has integrated AppsCheck, it can obtain a list of malicious apps on the user's device, which provides a strong basis for high-level risk analysis (for risky/virus-infected apps). Users are then warned of the presence of any risks on your app, or prompted to exit your app. According to the three largest global virus evaluation agencies, AppsCheck can detect malicious apps with a staggering accuracy rate of 99%.
Malicious URL Check (URLCheck)
With URLCheck, your app can determine whether a visited URL contains phishing or malware apps. The check strikes the optimal balance between performance and timeliness, and is capable of detecting a wide range of malicious URLs, such as phishing and Trojan-infested URLs. URLCheck is easy to integrate into your app, and provides trusted, operation-free security services, reducing the costs associated with developing secure browsing services.
Fake User Detection (UserDetect)
Fake user detection is critical for app operations, as the presence of fake operations such as game bots, activity bonus hunting, and malicious spamming, can give your app a bad reputation. UserDetect can identify spoofed devices, based on the device signature and identifier, and identity relevant environmental risks, such as roots, simulators, VMs, device change tools, and anonymous IP addresses. It can also recognize fake users based on screen touch and sensor behavior, as well as prevent batch registration, credential stuffing attacks, bonus hunting, and content crawlers. These safeguards provide your app's users with unmatched peace of mind.
Many popular apps have integrated Safety Detect, such as the app for International News Agency and Radio Sputnik， APUS, a popular browser in India and Southeast Asia, and 1998 Camera in Vietnam.
How Can I Integrate HUAWEI Safety Detect?
Each of the four functions in Safety Detect has a dedicated API that is easy to integrate. For guidance during the integration process, please refer to the HUAWEI Developers website, where you will find the integration guide and other resources for reference, or acquire your answers from HUAWEI Developer Forum.
* HMS Core 4.0 courses produced by HUAWEI Developers are now available on Huawei official channels, including Video Center on HUAWEI Developers.

Digital Marketing Accessible to All: No More Coding or Time-Consuming Event Tracking

More information like this, you can visit HUAWEI Developer Forum​
With the rapid growth of digital marketing, a myriad of ad attribution platforms and analysis tools have appeared on the market. In addition, organizations’ data requirements are becoming increasingly complex, which means their marketing strategies need to be much more flexible. But traditional coding is neither efficient nor flexible, because it requires a great deal of time-consuming work. Organizations need a tag management system which helps them manage all their tags in one place, so they don’t need to integrate multiple ad attribution platforms and analysis tools. That’s precisely what HUAWEI Dynamic Tag Manager (DTM) does, and best of all, it is completely free to use.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
With DTM, your marketing team can dynamically update all tracking tags using a user-friendly UI. They can then track specific events, and report data to third-party analytics and ad attribution platforms, without needing to do any coding.
Advantages of DTM
Dynamically Adjust Data Reporting Rules Without Coding
Generally, you’ll carry out marketing activities more frequently than you release app updates. This means if your marketing activity data monitoring is reliant on app updates, you will need to frequently modify your app’s code, and then wait until the next app update before your changes take effect. As a result, you may miss out on the best marketing time window. With DTM, you can do all of this from an easy-to-use DTM portal. You don’t need to do any coding, and your changes will take effect straight away, without needing to release an app update.
Simplify Advanced Tracking
With preset tags in DTM, you can complete advanced tracking that usually takes days or weeks in just a few minutes.
For example, instead of adding tracking codes for each of the Submit buttons on your website, you can create a tag with a group of specific rules to track click events for all Submit buttons.
Increase Website Access Speeds
In DTM, tags are deployed in asynchronous mode, so tags that load slowly will not affect the triggering of other tags.
Centralize Your Tag Management
DTM manages all tags on your website or in your app, and simplifies the procedure for adding, editing, and deleting tags, greatly improving your tag management efficiency.
Free Enterprise-level Services
DTM is free of charge and provides enterprise-level support, so you can enjoy high-quality services without financial investment.
Fast Track Visual Events Without Coding
DTM provides visual event tracking. With this function, you can scan the QR code on the DTM portal to synchronize your app screen or web page with the DTM portal. You can then add visual events and parameters by simply clicking elements on the app screen or web page within the DTM portal.
UI for adding visual events for an app
UI for adding visual events for a web page
You can also use DTM together with HUAWEI Analytics and Push Kit to further improve the operational efficiency.
Once visual events have been added and the relevant authorized data has been reported to HUAWEI Analytics with users’ consent, you can group users based on their behavior, attributes, and lifecycles. This helps you understand different users groups’ behaviors and demands, and enables you to target specific groups through targeted marketing activities, to continuously improve your user conversion rate and achieve business growth.
Quick Integration
Not sure how to integrate DTM? We have a wide range of documents, such as our development guide, API reference, and sample code, to help you get started. You can find these documents on the HUAWEI Developers website. If you have any questions, feel free to submit a ticket or send an email to [email protected].
For more details, you can go to:
Our official website
Our Development Documentation page, to find the documents you need
Reddit to join our developer discussion: https://www.reddit.com/r/HMSCore/
GitHub to download demos and sample codes
Stack Overflow to solve any integration problems

Tag management can yield lots of great benefits, such as faster sites, decreased technology maintenance, and improved marketing agility. It's becoming a required component in every site's stack. But over the past three years, it's gone from a point solution to a commodity feature in a larger data services portfolio for most vendors. I haven't tried this one yet, but it appears to be a good option.

Really it's very good news.

I used to think of digital marketing as something difficult. I was never really good at programming because I didn't memorize any programming languages. But a lot of popular software nowadays is developed so that even the most unsophisticated user can use it. So a few years ago, I created an SEO company, which is now a big part of the country's marketing services. We've benefited greatly from working with Belkins, who have been our partners since the company's inception. They found us clients and built our client base. Many of our first clients started coming to us yearly because of our effective and high-quality services. And I still don't know how to code!

APUS Browser Improved Its Block Rate of Risky URLs by 20% When It Integrated the URLCheck Function

Overview
APUS browser is an easy-to-use, intelligent app with a wide range of features. It enables users to quickly access websites, download videos, browse news, and much more. After the development team integrates the URLCheck (malicious URL check) function of HUAWEI Safety Detect into this app, APUS browser can identify malicious URLs and send reminders to users to prevent them from accessing malicious URLs, helping them avoid phishing, account theft, and even Trojan infection.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Challenges
When browsing the web, users' personal privacy information and property is at risk. Malicious URLs, such as phishing and fake website links, can tamper with devices and trick users into revealing their account information or transferring money. APUS browser's development team knew their app needed to be able to detect malicious URLs, so it could prevent users from inadvertently accessing risky websites.
"Apart from the intelligent browsing function, we are always prioritizing user privacy and security when users are browsing." said Xu Zhang, the APUS Browser's Tech Expert. "We need a detection method that is both easy-to-use and cost-effective, so we can provide a secure browsing experience for our users."
Solution
"The HUAWEI Safety Detect's URLCheck function meets every one of our requirements. It helps us quickly evaluate whether there are any risks in URLs", said Xu Zhang. With URLCheck, apps can confirm whether a URL is secure or malicious. Now that it has integrated URLCheck, APUS browser can quickly evaluate the risk type of the URL the user is attempting to access. "If our app finds a risk in the URL, we can notify users of the risk, then block the URL", Xu Zhang added.
"Since we integrated URLCheck, we've been able to improve the block rate for risky URLs by 20%", said Xu Zhang. "This function is easy to integrate and we don't need to operate it, so we can control the cost of implementing a secure browsing service."
After integrating the URLCheck function, APUS browser has gained the malicious URL detection capability, enabling the app to provide a fast and secure browsing experience for users.
Result
The block rate for risky URLs has been improved by 20%.
Demo
More details like this, you can check https://forums.developer.huawei.com/forumPortal/en/forum/hms-core

Comprehensive Analysis | Application Scenarios and Business Values of Keyring

Nowadays, it's common for an app developer to develop multiple apps across different platforms. However, an issue that arises is that when signing in to different apps or the same app across different platforms on the same device, users usually needs to repeatedly enter their account name and password even if the same account is used, which has a negative impact on user experience. HMS Core Keyring can help developers solve this problem effectively.
Keyring Capabilities​Keyring provides developers with the ability to manage user credentials throughout the credential lifecycle, including obtaining, encrypting, storing, authorizing, sharing, querying, accessing, and deleting credentials. These capabilities help developers provide a smooth sign-in experience for their users.
Encrypted storage on user devices
Keyring encrypts user credentials using a randomly generated key in the Trusted Execution Environment (TEE). The key varies depending on the device and can only be used in the TEE. Huawei does not have access to the content of the key. All these measures ensure that user credentials are securely stored on user devices. When storing credentials, developers can also choose to require the user to provide biometric information or enter their lock screen password when an app tries to access the stored credentials.
Credential sharing
Keyring allows users to share their credentials across different Android apps, quick apps, and web apps made by the same developer. When a user signs in to an app, the app searches for available credentials in Keyring. The available credentials may be stored by the app or shared by other apps with the app.
Data security
To ensure data security, Keyring can verify the identity of an Android app by its APK name, verify the identity of a quick app by its package name and certificate hash value, and verify the identity of a web app by its URL, thus effectively preventing user credentials from being stolen by spoof apps and ensuring the security of credential sharing.
Credential deletion and update
Keyring provides developers with APIs for deleting and updating credentials. After the user signs out of an app account, the account credential will be deleted from Keyring.
Privacy Experience​As for privacy, Keyring complies with various privacy policies and ensures that user experience is not affected.
Firstly, Keyring only stores and shares users' credentials on their devices, and does not upload the credentials to the Huawei cloud server. Therefore, users are the sole data controller of their credentials. Huawei will not actively perform any actions that affect the security of user credentials, such as modifying or deleting them. Secondly, Keyring's privacy statement has been incorporated into the Statement About HMS Core and Privacy. Therefore, your app does not need to separately notify users about Keyring's privacy policies. You can visit our official website to view success stories from developers who have used Keyring to provide users with an excellent cross-app and cross-platform sign-in experience.
Application Scenarios​Cross-Platform Sign-In
Developers are increasingly releasing their apps on various different platforms. However, when users use an app on a different platform, they find themselves having to enter their sign-in information each time they want to sign in. Keyring provides apps on different platforms with corresponding APIs, including the Keyring SDK, quick app APIs, and web APIs, thus supporting credential sharing between apps across different platforms.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
​
Take a shopping app as an example. Sending promotional messages to users during special events and national holidays is one of the most common marketing strategies and is also popular with users. A user signs in to the Android version of the shopping app and then receives a promotional message for a particular product. The user then taps the link in the message to open the web version of the app in HUAWEI Browser. Keyring automatically signs the user in, after which the user is free to start shopping.
Cross-App Sign-In
As developers mature and grow, most will end up developing multiple apps. However, it's not easy to acquire users for a new app. Once a developer releases a new app, Keyring serves as a bridge that efficiently connects users of the developer's existing apps to the new app. Thanks to this, users can seamlessly sign in to the new app with a single tap, without having to re-enter their account names and passwords.
Put simply, when a user signs in to existing app A and then installs new app B made by the same developer, the user can directly sign in to app B using the credentials saved by app A, without needing to enter their account name and password again.
Account Change
Keyring can store multiple credentials from the same user in an app. The app can provide a confirmation screen so that users can choose which account to sign in with, facilitating account change. In addition, developers can ask users to provide their biometric information or enter their lock screen passwords before they sign in, which effectively prevents security risks such as account spoofing.
Business Values​Keyring's cross-app sign-in functionality allows multiple apps made by the same developer to share users with each other, helping developers quickly boost the user base of their app. In addition, Keyring also allows developers to share users between their Android apps, quick apps, and web apps. By creating a seamless sign-in experience across different apps and platforms, Keyring helps developers simplify the sign-in process to shorten the user conversion path and improve the user conversion rate. Put simply, Keyring is a powerful tool that can help developers achieve business success.
Keyring's core features of providing smooth sign-in, data security, and user sharing are ideal for every type of app, whether it be shopping, travel, social media, or reading. In the future, Keyring will continue to add new features to its repertoire as HMS Core expands its security-related capabilities, and provide even more cutting-edge services for developers.
To learn more, please visit:
>> HUAWEI Developers official website
>> Development Guide
>> Reddit to join developer discussions
>> GitHub to download the sample code
>> Stack Overflow to solve integration problems
Follow our official account for the latest HMS Core-related news and updates.

How to Request User Consent on Privacy Data for Advertising?

The rapid speed and convenience of mobile data have seen more and more people use smart devices to surf the Internet. This convenience, however, appears to have compromised their privacy as users often find that when they open their phone after a chat, they will come across product ads of things they just mentioned. They believe their device's microphone is spying on their conversations, picking up on keywords for the purpose of targeted ad push.
This train of thought has good ground, because advertisers these days carefully place ads in locations where they appeal the most. Inevitably, to deliver effective ads, apps need to collect as much user data as possible for reference. Although these apps request users' consent before letting users enjoy the app, on one hand, many users are worried about how their private data is managed and do not want to spend time reading lengthy personal data collection agreements. On the other hand, there is no global and unified advertising industry standards and legal framework, especially in terms of advertising service transparency and obtaining user consent. As a result, the process of collecting user data between advertisers, apps, and third-party data platforms is not particularly transparent.
So how can we handle that? IAB Europe and IAB Technology Laboratory (Tech Lab) released the Transparency and Consent Framework (TCF), and the IAB Tech Lab stewards technical specifications for TCF. TCF v2.0 now has been released, which requires the app to notify users of what data is being collected and how advertisers cooperating with the app intend to use such data. Users reserve the right to grant or refuse consent and exercise their "right to object" to the collection of their personal data. Users are better positioned to determine when and how vendors can use data processing functions such as precise geographical locations, so that users can better understand how their personal data is collected and used, ultimately protecting users' data rights and standardizing personal data collection across apps.
Put simply, TCF v2.0 simplifies the programmatic advertising process for advertisers, apps, and third-party data platforms, so that once data usage permissions are standardized, users can better understand who has access to their personal data and how it is being used.
To protect user privacy, build an open and compliant advertising ecosystem, and consolidate the compliance of advertising services, HUAWEI Ads joined the global vendor list (GVL) of TCF v2.0 on September 18, 2020, and our vendor ID is 856.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
HUAWEI Ads does not require partners to integrate TCF v2.0. This section describes how HUAWEI Ads interacts with apps that have integrated or will integrate TCF v2.0 only.
Apps that do not support TCF v2.0 can send user consent information to HUAWEI Ads through the Consent SDK. Please refer to this link for more details. If you are going to integrate TCF v2.0, please read the information below about how HUAWEI Ads processes data contained in ad requests based on the Transparency and Consent (TC) string of TCF v2.0. Before using HUAWEI Ads with TCF v2.0, your app needs to register as a Consent Management Platform (CMP) of TCF v2.0 or use a registered TCF v2.0 CMP. SSPs, DSPs, and third-party tracking platforms that interact with HUAWEI Ads through TCF v2.0 must apply to be a vendor on the GVL.
Purposes​
To ensure that your app can smoothly use HUAWEI Ads within TCF v2.0, please refer to the following table for the purposes and legal bases declared by HUAWEI Ads when being registered as a vendor of TCF v2.0.
The phrase "use HUAWEI Ads within TCF v2.0" mentioned earlier includes but is not limited to:
Bidding on bid requests received by HUAWEI Ads
Sending bid requests to DSPs through HUAWEI Ads
Using third-party tracking platforms to track and analyze the ad performance
For details, check the different policies of HUAWEI Ads in the following table.
Purpose​Purpose/Function​Legal Basis​1​Store and/or access information on a device.User consent​2​Select basic ads.User consent/Legitimate interest​3​Create a personalized ad profile.User consent​4​Deliver personalized ads.User consent​7​Measure ad performance.User consent/Legitimate interest​9​Apply market research to generate audience insights.User consent/Legitimate interest​10​Develop and improve products.User consent/Legitimate interest​Special purpose 1​Ensure security, prevent frauds, and debug.Legitimate interest​Special purpose 2​Technically deliver ads or content.Legitimate interest​
Usage of the TC String​
A TC string contains user consent information on a purpose or feature, and its format is defined by IAB Europe. HUAWEI Ads processes data according to the consent information contained in the TC string by following the IAB Europe Transparency & Consent Framework Policies.
If you are a publisher and your app supports TCF v2.0, you can use setConsent(String consent) in the HUAWEI Ads SDK to pass a TC string to HUAWEI Ads. For details, please refer to setConsent(String consent).
The sample code is as follows:
Code:
// Set the user consent string that complies with TCF v2.0.
RequestOptions requestOptions = HwAds.getRequestOptions();
requestOptions.toBuilder().setConsent("tcfString").build();
If you are an SSP or Ad Exchange (ADX) provider and your platform supports TCF v2.0, you can add a TC string to an ad or bidding request and send it to HUAWEI Ads. HUAWEI Ads will then process users' personal data based on the consent information contained in the received TC string. For details about the API, please contact the HUAWEI Ads support team.
If you are a DSP provider and your platform supports TCF v2.0, HUAWEI Ads, functioning as an ADX, determines whether to send users' personal data in bidding requests to you according to the consent information contained in the TC string. Only when users' consent is obtained can HUAWEI Ads share their personal data with you. For details about the API, please contact the HUAWEI Ads support team.
For other precautions, see the guide on integration with IAB TCF v2.0.
References​
Ads Kit
Development Guide of Ads Kit