Admob android SDK V21.0.0. gets user's android ID
97 views
Skip to first unread message
Aeryn Chuang
Jun 21, 2022, 8:19:06 AM6/21/22
to Google Mobile Ads SDK Developers
Hi Support team,
We found a security issue in Admob android SDK V21.0.0. (also found it in V20.6.0 and V19.0.0.)
Admob android SDK gets user's android ID when sending an ad request.
Our technical team has provided relevant information, please refer to the stack lines and screenshots below.
android.provider.Settings$Secure.getString(Native Method),
com.google.android.gms.internal.ads.zzcfb.zzw(com.google.android.gms:play-services-ads-lite@@21.0.0:2),
com.google.android.gms.ads.internal.client.zzdr.zzt(com.google.android.gms:play-services-ads-lite@@21.0.0:2),
com.google.android.gms.ads.internal.client.zzp.zza(com.google.android.gms:play-services-ads-lite@@21.0.0:8),
com.google.android.gms.internal.ads.zzcbx.zza(com.google.android.gms:play-services-ads-lite@@21.0.0:1),
com.google.android.gms.ads.rewardedinterstitial.RewardedInterstitialAd.load(com.google.android.gms:play-services-ads-lite@@21.0.0:11),
com.zhiyuan.demo.MainActivity.loadAd(MainActivity.kt:35),
com.zhiyuan.demo.MainActivity.onLoadClick(MainActivity.kt:49),
java.lang.reflect.Method.invoke(Native Method),
androidx.appcompat.app.AppCompatViewInflater$DeclaredOnClickListener.onClick(AppCompatViewInflater.java:441),
android.view.View.performClick(View.java:7755),
com.google.android.material.button.MaterialButton.performClick(MaterialButton.java:1194),
android.view.View.performClickInternal(View.java:7728),
android.view.View.access$3700(View.java:862),
android.view.View$PerformClick.run(View.java:29335),
android.os.Handler.handleCallback(Handler.java:938),
android.os.Handler.dispatchMessage(Handler.java:99),
android.os.Looper.loopOnce(Looper.java:210),
android.os.Looper.loop(Looper.java:299),android.app.ActivityThread.main(ActivityThread.java:8256),
java.lang.reflect.Method.invoke(Native Method),
com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:576),
com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1073)
Please advise how to stop Admob SDK from getting the Android ID.
Should you need any further details, feel free to let me know.
Best regards,
Aeryn
Mobile Ads SDK Forum Advisor
Jun 21, 2022, 4:31:22 PM6/21/22
to chiame...@gmail.com, google-adm...@googlegroups.com
Hi Aeryn,
Here's Work with advertising IDs guide from Android. Could you wire up a sample app with a scenario where the Id's being used are against user's preference and send it to us with instructions to see the unwanted use? You may send this privately.
Regards,
ref:_00D1U1174p._5004Q2bya1R:ref
Here's Work with advertising IDs guide from Android. Could you wire up a sample app with a scenario where the Id's being used are against user's preference and send it to us with instructions to see the unwanted use? You may send this privately.
Regards,
|
||||||
ref:_00D1U1174p._5004Q2bya1R:ref
Reply all
Reply to author
Forward
0 new messages