What Is Included And How You Can Test It
First of all, let's clarify what New Identity is and how it works.
Each Android app has access to various device parameters. It's a common practice for large companies to scan these parameters and store them in cloud databases. This helps them create "device fingerprints" to detect bots and avoid anonymity. Our goal is to feed them randomised data and keep the anonymity.
What we do is we decompile the app downloaded from the Google Play. Then a special script goes through ALL of the code files looking for the places where it requests any device parameters. In these places we replace the original code with "stubs".
Each Android app has access to various device parameters. It's a common practice for large companies to scan these parameters and store them in cloud databases. This helps them create "device fingerprints" to detect bots and avoid anonymity. Our goal is to feed them randomised data and keep the anonymity.
What we do is we decompile the app downloaded from the Google Play. Then a special script goes through ALL of the code files looking for the places where it requests any device parameters. In these places we replace the original code with "stubs".
What we call "stubs" are actually "hardcoded" values which we prepare beforehand. They are: generated Android ID, generated build props, etc. These values altogether form the New Identity. The app sees them instead of the real device parameters. The stubs are generated independently for each clone which makes all the identities unique. We also care to make the identities real, so we actually use a large database of all possible devices and combine the values from there.
Now the question is – how to make sure that this approach really works?
We had this question in mind when we started working on the New Identity. For the testing purpose we created an app called NomixClonerApp. It is open source, you can find the code on Github. The app basically obtains the device parameters and shows them on the screen. When we do the testing we run our algorithm on this app. Then we check that the cloned version shows a fake identity instead of the real values.
Now the question is – how to make sure that this approach really works?
We had this question in mind when we started working on the New Identity. For the testing purpose we created an app called NomixClonerApp. It is open source, you can find the code on Github. The app basically obtains the device parameters and shows them on the screen. When we do the testing we run our algorithm on this app. Then we check that the cloned version shows a fake identity instead of the real values.
You can verify this algorithm yourself. Just create a clone of com.nomixcloner.app in NomixCloner and compare your generated identity with the actual result in the cloned app.
You will see the same values, it means that New Identity is successfully injected into the app. The same way it works for all apps supported in NomixCloner. Now let's take a deeper look on the list of parameters.
Which parameters we include in New Identity and why?
We took AppCloner's New Identity feature as a base. Our goal was to create similar functionality and make it as good as AppCloner's or even better, if possible. We processed the list of parameters provided by the AppCloner and made our own research. Please see the results.
In fact, we indeed managed to do our New Identity slightly better than AppCloner's implementation! We paid much more attention to make our generated identities look real. Unlike AppCloner, we don't replace data with empty spaces or random letters. As mentioned before, we have a database with real-world data. When constructing identities, we randomly pick the values for manufacturers, models of their phones, hardware and appropriate OS versions. In addition to that we create fresh unique IDs. This approach makes our clones as trusted as the original apps.
We hope that you have better understanding of our work now. Looking forward to further improve our product for you!
Join discussion in Telegram
Which parameters we include in New Identity and why?
We took AppCloner's New Identity feature as a base. Our goal was to create similar functionality and make it as good as AppCloner's or even better, if possible. We processed the list of parameters provided by the AppCloner and made our own research. Please see the results.
- Serial number: not available in Android 10+, which means that the simplest way to hide your serial number from the apps is just to upgrade to Android 10 or above
- Android ID: + (included in NomixCloner's New Identity)
- IMEI/IMSI: not available in Android 10+
- WiFi & Bluetooth MAC addresses: not available in Android 10+
- SIM & operator info: + (requires READ_PHONE_STATE permission, which we disabled for all our clones)
- Location: + (requires LOCATION permission, which we disabled for all our clones)
- DNS servers: +
- GPU info: - (not likely to be used for devices fingerprinting, but will be included in NomixCloner's New Identity in the future)
- Build props: +
- OS version: +
- User creation time: not available in Android at all
- Google Advertising ID: +
- Facebook Advertising ID: Facebook internally uses same Google Advertising ID
- Amazon Advertising ID: is used only on Amazon devices
In fact, we indeed managed to do our New Identity slightly better than AppCloner's implementation! We paid much more attention to make our generated identities look real. Unlike AppCloner, we don't replace data with empty spaces or random letters. As mentioned before, we have a database with real-world data. When constructing identities, we randomly pick the values for manufacturers, models of their phones, hardware and appropriate OS versions. In addition to that we create fresh unique IDs. This approach makes our clones as trusted as the original apps.
We hope that you have better understanding of our work now. Looking forward to further improve our product for you!
Join discussion in Telegram
Start for free with one clone per app every day or purchase Premium ⭐️ for unlimited cloning.