A Flutter plugin for the native MobRisk Pro libraries

Integrated Requirement

Compliance Explanation

Please note that when integrating SDK products provided by the TrustDecision in the APP of your company:

1.1 According to the user’s information protection regulations, before your users start the App for the first time and start collecting information, your company should fully inform the user of the purpose, method, and scope of collecting, using, and sharing the user’s personal information with a third party through an interactive interface or design (such as a pop-up window of the privacy policy), and obtain the express consent of the end user.


1.2 To provide business security and risk control services to your company, the TrustDecision SDK will collect, process, and use the identification information(IMEI/IDFA), AndroidID, IMSI, MEID, MAC address, SIM card serial number, device type, device model, system type, geographical location, login IP address, application list, running process, sensor information(light sensor, gravity sensor, magnetic field sensor, acceleration sensor, gyroscope sensor) and other device information of the user’s device. To ensure compliance with your use of related services, the aforementioned privacy policy should cover the authorization of TrustDecision SDK to provide services and collect, process, and use relevant information. The following terms are for your reference. The specific expression can be determined by your company according to the overall framework and content of your privacy agreement:

TrustDecision SDK: For business security and risk control, our company uses the TrustDecision SDK. The SDK needs to obtain the information of your devices, such as (IMEI/IDFA), AndroidID, IMSI, MAC address, SIM card serial number, device type, device model, system type, geographic location, login IP address, application list, running process, sensor information(light sensor, gravity sensor, magnetic field sensor, acceleration sensor, gyroscope sensor) and other related device information, for fraud risk identification.


Privacy Protocol: https://www.trustdecision.com/legal/privacy-policy

Precautions

Ensure that the trustdevice_pro_plugin is initialized after the user agrees to the privacy agreement, so as to avoid the occurrence of trustdevice_pro_plugin initialization and collection without the user’s consent to the privacy agreement, which may cause compliance risks.

Quick start

1.Add trustdevice_pro_plugin to the pubspec.yaml in your Flutter app

dependencies:
  flutter:
    sdk: flutter
  ...
  trustdevice_pro_plugin: ^1.0.0

2.Android permission application

Dynamic application permissions: Android 6.0 or above requires dynamic application permissions. Dynamic application permissions code must be placed before the initial plugin. The code example is as follows:

//The following permissions are not required to be applied for,and can be
//selectively applied for according to business conditions
 Future<void> _requestPermission() async {
    Map<Permission, PermissionStatus> statuses = await [
      Permission.location,
      Permission.phone,
    ].request();
  }

3.Initial configuration

import 'package:trustdevice_pro_plugin/trustdevice_pro_plugin.dart';
// ...

// Initialization
class _MyAppState extends State<MyApp> {
  final _trustdeviceProPlugin = TrustdeviceProPlugin();
  @override
  void initState() async {
    super.initState();
    Map<String, dynamic> configMap = {
    "appKey": "<appKey>", // configure AppKey, please contact TrustDecision Operations to obtain it 
    "appName": "<appName>", // app Name, such as appName, please fill in your app Name
    "partner": "<partner>",// Partner code, such as demo, please fill in your partner, get from trustDecision
    "country": "<country>" // Country parameter,E.g: cn、sg、us、fra
    };
    //initialize the configuration and return the blackbox
    var blackbox = await _trustdeviceProPlugin.initWithOptions(configMap);
  }
  // ...
}

configMap must have the following parameters:

KeyDefinitionDescriptionpartnerpartnerCodePartner code,such as TrustDecision,please fill in your partnerappKeyappKeyConfigure AppKey with TrustDecision, please contact TrustDecision Operations to get itappNameappNameapp Name,such as demo,please fill in your app NamecountryCountry codeus means North Americafra means Europesg means Singaporecn means China

We also provide optional parameter configuration, see the attached table for details (list of optional parameters for initial configuration)

4.Get the blackbox code example as follows

 Future<String> _getPlatformBlackBox() async {
    var blackbox = await _trustdeviceProPlugin.getBlackbox();
    return Future.value(blackbox);
  }

Get SDK Version

Sample Code

// Get SDK Version
 Future<String> _getSDKVersion() async {
    var sdkVersion = await _trustdeviceProPlugin.getSDKVersion();
    return Future.value(sdkVersion);
  }

Other Instructions

Android obfuscated packaging If developers need to use proguard for obfuscated packaging, please add the following code to the proguard configuration file:

-keep class cn.tongdun.**{*;}

Initial configuration optional parameter list

Android:

KeyDefinitionDescriptionhttpTimeoutSDK timeout interval configuration(unit: millisecond)Timeout interval of network request callback after SDK initialization. Defaults is 15 * 1000ms.collectLevelDowngrade blackbox collection field length configurationThe downgraded blackbox will be longer. This configuration can control the downgraded blackbox length 1. TDRisk.COLLECT_LEVEL_L (default value, the downgraded length is about 5000 characters) 2. TDRisk.COLLECT_LEVEL_M (the downgraded length is about 2000 characters)blackBoxMaxSizeblackbox maximum lengthThe default length is Integer.MAX_VALUE, it will increase according to the actual device situation)customProcessNamecustom process namechange the name of the processforceTLSVersionWhether https is mandatory to use TLS-v1.1 versionThe default is not mandatory, and the developer can set the corresponding settings according to the specific situationdisableDebuggerWhether to allow debuggingAfter the SDK is integrated, the app allows debugging by default, and the developer can make corresponding settings according to the specific situation.disableRunningTasksWhether to allow getting running tasksThe default is to allow access, you can call this method to closedisableGPSDo not collect GPS related informationIf you don’t want to get location related information, you can cancel the collection of location related information by this method. ⚠️ When this option is configured, the app has location rights and the SDK will not collect location related informationdisableSensorDo not collect sensor informationIf you do not collect sensor-related information, you can cancel the collection of relevant information through this method。disableReadPhoneDo not collect READ_PHONE related informationBy default, information that requires READ_PHONE_STATE permission is collected, and this method can be called to close itdisableInstallPackageListDo not collect the list of installation packagesBy default, the list of installation packages is collected, and this method can be called to close

IOS:

KeyDefinitionDescriptionSceneallowedAnti-debugging configurationAfter the SDK is integrated, the app has the anti-debugging function by default. If you don’t want this feature, please set allowed to disable it.Develop: Please set this configuration. Release: Please remove this configuration.timeLimitSDK timeout interval Configuration (unit: seconds)Timeout interval of network request callback after SDK initialization. Default is 15s.If you have certain requirements for the callback time of the SDK, please set timeLimit.noLocationSDK location information collection configurationSDK collects location if the app has been authorized to get location information.If you don’t want SDK to collect location information, please set noLocation.noIDFASDK Advertising Identifier (IDFA) collection configurationSDK collects IDFA if the app has been authorized to get IDFA information.If you don’t want SDK to collect IDFA information and contain IDFA-related code, please set noIDFA.noDeviceNameSDK deviceName collection configurationSDK collects deviceName if the app has been authorized to get deviceName information.If you don’t want SDK to collect deviceName information, please set noDeviceName.collectLevelDegraded blackbox length configurationDegraded blackbox will be longer. This configuration allows you to control the length of the degraded blackboxIf you wish the degraded blackbox length is as short as possible, please set this configuration.

GitHub

View Github

Description of the image

Related Posts