Implementing Kiosk Mode in Android - Part 4: A Better Provisioning Method for DPC / Device Owner
Updated: Oct 19, 2020
In part 3 of our series on kiosk mode, we provided source code for our Set Device Owner app. This app allows you to provision Android Lollipop and Marshmallow devices using the “device bump” method, which configures device owner apps or device policy controllers (DPC) such as Google’s TestDPC app and SDG kiosk demo. This article will provide information on how we improved that provisioning by writing the device owner information to an NFC tag instead of using the bump method.
Blue Agent Writer allows you to create a list of different device provisioning configurations. Each configuration contains the URL of the device-owner “agent” that you want to install. (You could have one configuration for your “price checker kiosk” app and another for your MDM solution.) In addition to beaming the configuration to another Android device, Blue Agent Writer also allows the configuration to be written to an NFC tag. This tag can then be used to provision multiple devices.
Under the hood, Blue Agent Writer downloads the agent apk from the URL, from which it obtains the application package name and computes a checksum. This information is required by the provisioned device to ensure that the downloaded package matches the checksum. A few of the settings that may be configured during provisioning are as follows:
See the DevicePolicyManager developer page for more details. It is important to note that the Wi-Fi password is stored in clear text, unencrypted. Therefore, you should take caution when using this feature.
When using Blue Agent Writer to write a configuration to an NFC tag, the NFC tag must have sufficient user memory to store the full configuration information. A typical configuration may consume over 500 bytes of data, so we recommend using NTAG216 tags because they have 888 bytes of usable memory. These tags are available for purchase in our online store.
Try Agent Writer, which is available on Google Play.
Finally, we have posted a YouTube video of our Blue Agent Writer app that demonstrates the use of NFC tags for this provisioning: