Approov attestation provides robust support for Huawei, Xiaomi, and other non-GMS (Google Mobile Services) phones, ensuring secure mobile app operations even on devices without Google certification.
Approov’s solution emphasizes verifying the authenticity of the mobile client and the integrity of its environment before granting access to APIs. This is crucial for devices like Huawei and Xiaomi that may not have GMS but still need strong security measures. Approov attestation performs comprehensive checks including root and jailbreak detection, device integrity verification, and runtime environment analysis. These checks help prevent unauthorized access and ensure that only legitimate app instances on uncompromised devices can communicate with backend servers.
The dynamic management of API keys and secrets, coupled with certificate pinning, further enhances security by ensuring that API keys are never hardcoded into the app and are only delivered to trusted, verified app instances. This attestation process provides a secure and seamless experience for users on Huawei, Xiaomi, and other non-GMS devices, maintaining the integrity and security of mobile applications in diverse environments.
The most popular non-GMS Android phones are typically used in regions where Google services are restricted or unavailable, such as China, or by users who prioritize privacy and want to avoid Google's data collection practices. Here are some of the notable non-GMS Android phones and their usage:
1. Huawei Phones (e.g. Mate 30 Pro, P40 Pro): Huawei's recent phones do not come with Google Mobile Services (GMS) due to the US trade restrictions. These phones are popular in China and other markets where Huawei has a strong presence. They use Huawei's own Huawei Mobile Services (HMS) ecosystem instead of GMS.[1][4]
2. Xiaomi Phones (e.g. Mi 10, Redmi Note 9 Pro): Xiaomi offers non-GMS variants of its phones specifically for the Chinese market, where Google services are blocked. These phones use Xiaomi's own app store and services.[1]
3. OnePlus Phones (e.g. OnePlus 8T, OnePlus Nord): While OnePlus phones generally come with GMS in most markets, they offer non-GMS variants for the Chinese market.[1]
4. Amazon Fire Phones and Tablets: Amazon's Fire devices run a forked version of Android called Fire OS, which does not include GMS. These devices are designed to primarily use Amazon's services and app store.[1]
5. Phones with Custom ROMs (e.g. LineageOS, /e/OS): Some users install custom ROMs like LineageOS or /e/OS on their Android phones to remove GMS and gain more privacy and control over their devices. These are popular among privacy-conscious users globally.[4][5]
6. Phones from Chinese OEMs (e.g. Oppo, Vivo, Meizu): Many Chinese smartphone manufacturers offer non-GMS variants of their phones for the domestic Chinese market, where Google services are not available.[1]
In summary, non-GMS Android phones are primarily used in China and by privacy-conscious users worldwide who want to avoid Google's data collection practices. These phones often rely on alternative app stores, services, and ecosystems provided by the respective manufacturers or custom ROM developers.[1][4][5]
Citations:
[1] https://approov.io/knowledge/what-are-non-gms-mobile-devices
[2] https://www.esper.io/blog/gms-vs-non-gms-for-android
[3] https://www.android.com/gms/
[4] https://emteria.com/blog/gms-vs-non-gms
[5] https://murena.com/what-smartphone-without-google/