The Windows Store application obtains the device ID in several ways.

The Windows Store application obtains the device ID in several ways.

This article is a personal blog backup article, the original address:

Http://validvoid.net/solutions-get-device-id-for-uwp/

Generating unique device IDs for data statistics is a very common requirement in application development. However, since WP 7.8, it is impossible to obtain a unique and unchanged one on the WP platform, the device IDs of different applications are the same. This article summarizes several methods for device ID statistics on the Windows Store platform, which can be selected based on specific needs during development.

1. Ad ID

Ad IDs are mainly used to analyze the applications installed by users and how they are used to optimize the relevance and frequency of AD pushing. They are also used to detect ad fraud and other security issues.

public static string AdvertisingId { get; }

Features

• Unique for each user and Device
• Application consistency

Disadvantages

• Ad IDs are not continuously available. You can disable them in the privacy options or group policies set by the system.
• The ad ID is not permanently unique. In the following situations, the ad ID changes:
  • After the user closes the ad ID, the ad ID is re-generated.
  • After the user resets or upgrades the device (mobile phone, PC, etc.) operating system, the advertisement ID is generated again.
• Because the ad ID is unique to each user and device, the ad ID does not roam between different devices as the user account.
• The advertisement ID cannot be enabled in the children's account.

Usage

var advertisingId = Windows.System.UserProfile.AdvertisingManager.AdvertisingId;

 

When the ad ID is disabled, the return value for obtaining the ad ID using the preceding API is null.

MSDN documentation
AdvertisingManager. AdvertisingId | advertisingId property

2. EasClientDeviceInformation

The EasClientDeviceInformation class is used to obtain information about the local ExchangeActiveSync device. There is a Guid type Id attribute to obtain the device Id.

public Guid Id { get; }

 

Returns the identifier of the local computer. The Id attribute indicates the DeviceId, which is the first 16 characters of GUID truncated from the SHA256 hash value of MachineID, user SID1, and package family name (PFN) 2. The MachineID uses the SID of the local user group ). Each component of GUID is returned in bytes of the network.

Features

• Unique for each user, device, and Application

Disadvantages

• Unique for each application

Because the elements that constitute the device information ID of the EAS client contain the package family name (PFN), the device information ID of the EAS client is unique between each application. If you have multiple applications that require unique device IDs for data statistics, the two applications on the same device will return two different IDs.

Usage

var easId = new Windows.Security.ExchangeActiveSyncProvisioning.EasClientDeviceInformation().Id;

 

MSDN documentation
EasClientDeviceInformation class

3. Application-specific hardware ID (ASHWID)

Application-specific hardware ID (ASHWID) identifies a unique device by displaying the hardware features of the device. ASHWID can be used to limit the number of devices that the application distributes to, or restrict the unique authorization for each device.

Features

• Unique per device and Application
• User consistency
• The following operations will not change:
  • Reinstall the Operating System
  • Push Button Reset
  • Operating System SKU upgrade
  • Application version update
  • Change User on the same device
• Verifiable authenticity

Disadvantages

• The value will change as the hardware of the device changes.

Composition of ASHWID

ASHWID is generated based on the hardware composition of the current device and the name of the current application package.

ASHWID is generated based on the following nine possible hardware components. Each hardware component corresponds to a part of the byte stream returned by ASHWID:

ASHWID may not exactly contain nine component IDs. Possible causes include:

• The target hardware may not have exactly nine independent components. For example, the Desktop may not have a docking station.
• The device may have multiple components of the same type. For example, there may be two audio adapters.
• Each physical disk drive corresponds to a component ID. The desktop system with three physical disk drives returns three component IDs.
• When the tablet device is connected to the docking station, it returns the component ID of another network (Ethernet) adapter and audio adapter (from HDMI or analog audio output port.

The byte stream of ASHWID identifies the type and value of the hardware component, as shown in the following table:

Byte stream Representation	Components
1, 0	Processor
2, 0	Memory
3, 0	Disk device
4,0	Network Adapter
5, 0	Audio Adapter
6, 0	Docking Station
7, 0	Mobile broadband
8, 0	Bluetooth
9,0	System BIOS

The above table is taken from the MSDN document.

For privacy security considerations, the application package name is taken into account when the ASHWID is generated. Therefore, the two applications on the same device obtain different ashwids. As long as the hardware of the device remains unchanged, the ASHWID obtained by the same application on the same device is always the same.

ASHWID example

The enumeration sequence of different component IDs does not need to be consecutive. The following example shows a small number of ashwids. Note: in a stream, the number and sequence of component IDs are different.

7,0,124,215,3,0,206,143,8,0,128,55,5,0,12,222,5,0,128,255,6,0,1,0,4,0,20,22,4,0,48,155,1,0,250,155,2,0,162,217,9,0,92,101

Mobile broadband found on Samsung Intel Core i5 tablets.

7,0,124,215,3,0,206,143,8,0,128,55,5,0,126,129,5,0,12,222,5,0,128,255,6,0,1,0,4,0,20,22,4,0,48,155,4,0,178,193,1,0,250,155,2,0,162,217,9,0,92,101

There are three different audio adapters on the same device and three different network adapters on the same device.

3,0,188,97,3,0,76,128,3,0,250,138,5,0,220,130,6,0,1,0,4,0,20,164,1,0,204,49,2,0,226,37,9,0,22,72

Three different disks are found on the desktop.

3,0,24,211,5,0,182,46,5,0,54,49,6,0,1,0,4,0,203,9,1,0,148,99,2,0,162,255,9,0,140,234

Nvidia Tegra 3 device. You may notice that the stream "6, 0, 1, 0" corresponds to the docking station, regardless of the device or shape specifications.

The preceding example is taken from the MSDN document.

Usage

To obtain the ASHWID, you can use the HardwareIdentification. GetPackageSpecificToken method.

This method accepts a parameterIBuffer nonce.nonceIs a number that is used only once. Generally, this number is a random number, which is large enough to reduce the possibility of repeated use of numbers.nonceUsed in authentication protocols to prevent replay attacks.

This method returnsHardwareTokenType.HardwareTokenType indicates that a tag contains a unique hardware-based identifier.

HardwareTokenThe data type includes the following three attributes:IBuffer):

• Certificate: Obtain the certificate used to sign the hardware-specific Id to verify the authenticity of the Id.
• Id: Obtain the specific hardware Id.
• Signature: Obtain the signature of the hardware-specific Id to verify the authenticity of the Id.

HardwareToken packageSpecificToken;packageSpecificToken =  Windows.System.Profile.HardwareIdentification.GetPackageSpecificToken(nonce);IBuffer hardwareId  = packageSpecificToken.Id;IBuffer signature = packageSpecificToken.Signature;IBuffer certificate = packageSpecificToken.Certificate;var dataReader = Windows.Storage.Streams.DataReader.FromBuffer(hardwareId);  byte[] bytes = new byte[hardwareId.Length];  dataReader.ReadBytes(bytes);  string id = BitConverter.ToString(bytes);

 

Verify the validity of ASHWID

To use ASHWID to implement genuine authorization verification and restrict application distribution, you can use the optional nonce, signature, and certificate in combination with the application's cloud for verification.

Before callingGetPackageSpecificTokenMethod, You can inputIBufferTypenonceParameters. By providing different nonce each time, the cloud can verify that the returned ASHWID actually comes from Windows and is not replayed by users.

Unless the cloud does not care about replay attacks or the processing of ASHWID is only completed on the client side, it is not recommended thatGetPackageSpecificTokenMethod passed null nonce.

Because the ASHWID changes with the hardware of the device, when the cloud verifies the ASHWID, it needs to calculate the change volume of the ASHWID in response and determine the validity of the license authorization within the permitted range.

For more information about cloud-based authentication of ASHWID, see the MSDN document "Guide on using application-specific hardware ID (ASHWID) to implement the logic of each device application".