Failing the review at Huawei AppGallery because the Unity Runtime "reads" the ANDROID_ID

Hello,
our build fails to pass the review at Huawei AppGallery (the largest app store in China!) because, according to the reviewers, the Unity Runtime on Android “reads” the ANDROID_ID before the user accepts the privacy policy.

They claim the call stack that “reads” the ANDROID_ID is as follows:

com.unity3d.player.UnityPlayer.nativeRender(Native Method),
com.unity3d.player.UnityPlayer.-$Nest$mnativeRender(Unknown Source:0),
com.unity3d.player.UnityPlayer$C$a.handleMessage(Unknown Source:122),
android.os.Handler.dispatchMessage(Handler.java:105),
android.os.Looper.loop(Looper.java:228),
com.unity3d.player.UnityPlayer$C.run(Unknown Source:24)

At first I thought this was an issue with the Analytics SDK and so I’ve asked for help there
But we failed the review (numerous times) even after having removed the Analytics / Unity Core Services package from the project and after disabling Unity Services (unlinking the cloud project ID). This means that the Unity Runtime for Android makes the call to read the ANDROID_ID on its own, which, according to Huawei, is illegal unless the users first accepts the privacy policy (this is per Chinese regulations).

As such, there is currently nothing we can do on our end to fix the problem and we are completely unable to launch our app at Huawei China. To add salt to injury, this is the last step of a very long and tedious road to get all the permits to launch an app in China. Hundreds of man-hours of many people went into it and now it seems we won’t be able to launch our app in China at all, because of this bug/feature of Unity. Extremely frustrating!

We are using Unity 2022.3.9f1. I would like for someone at Unity to say if this is by design and if there are any plans to change it.

As far as I can tell Unity doesn’t always read ANDROID_ID.
The cases where it does it read is:

  • SystemInfo.deviceUniqueIdentifier is called from C#
  • Runtime Analytics are enabled

In cases above, a native function inside Unity runtime -
android::systeminfo::UniqueIdentifier is called which reads ANDROID_ID

If you want you can actually validate yourself if android::systeminfo::UniqueIdentifier is called:

  • Assuming you have il2cpp scripting backend selected
  • In Build Settings window, Create Symbols should be set to Public or Debugging
  • Export gradle project
  • Open it in Android Studio (Using Android Studio 2021.3.1, can’t tell if higher Android Studio versions will work, but lower will not work)
  • Wait until Android Studio imports gradle project
  • In Run/Debug Configurations->Debugger->Debug type, set it to Native Only
  • General->Launch Options->Launch set to DefaultActivity
  • In Symbol Directories, add path unityLibrary/symbols
  • LLDB post Attach Commands add:
    process handle SIGXCPU -n true -p true -s false
    process handle SIGPWR -n true -p true -s false
  • You can now start debugging
  • Debug window at the bottom should open
  • Locate a red button on the left “View Breakpoints”, click it
  • Hit + button, and add Symbolic Breakpoint
  • Under symbol name, enter UniqueIdentifier
  • Restart the debugging session, if something calls native UniqueIdentifier, the debugger should stop at it

P.S
You might be lucky, and you can find if something calls C# SystemInfo_get_deviceUniqueIdentifier without starting debugging session:

  • Once gradle project is opened in Android Studio
  • Do Ctrl+Shift+F and search for SystemInfo_get_deviceUniqueIdentifier and see if you hit something, you should at least hit UnityEngine.CoreModule cpp file, that’s implementation of C# function, it doesn’t mean the call is being done, but it should give you an idea, what to look for.

Hopefully that helps.

Thank you for the reply @Tomas1856 !
I was expecting there to be a way to check this in Android Studio, but it’s beyond my skills / knowledge. I’ll try using the steps you describe.
In the meantime Huawei support managed to point me in some direction as well via this post: https://developer.unity.cn/projects/62c55bfcedbc2a6d3f466089 (it’s in Chinese but machine translation made sense).
It seems that if a project had Analytics enabled at some point, simply removing the package does not update the settings in the UnityConnectSettings.asset file. Furthermore the fact that my project was created using an older version of Unity (2018 and than updated several times to newer versions) might mean that there are some lingering cached settings which cause the Runtime to read the ANDROID_ID.
With your input and this hint from Huawei support I finally have something to work with. Will let you know if I manage to fix this.

1 Like