Preventing Cheaters: Is it really a mobile device, or is an emulator?

I'm developing an application on both the android and iPhone simultaneously. Due to the nature of my geolocation application, it's important that the information is really coming from a phone, and not just an emulator that happens to have the application installed.

Is there some kind of value I can pull from the d开发者_运维知识库evice(s) to determine if its an emulator? I don't want users cheating the system by simply setting their own values for their lat/long coordinates. I know nothing is fool proof, but I would at least like eliminate as much fraud as possible.

I plan to have algorithms in place to validate data being recieved, such as jumping n. miles in n. seconds from your last location -- but this could cause false positives in some situations -- especially on some Androids, where you can magically be placed all over the world moving 2 feet.

This is applicable to both the Android and iOS. Answers for either phone would be fine.

You can use [UIDevice currentDevice].model to get the current device model for iOS. The UIDevice class reference will give you the possible constant strings which you can compare to. Scroll down to the model property for more info.

Don't have much experience with android, however this should work.

With Android, as it turns out, it's a bit more complicated than just determining whether or not you're on an emulator (which can be done using Peter's link above), given the ability, under "Development Settings" to allow Mock Locations (see, for example, this app that allows the user to set a mock location that will then be made available to other apps).

Depending upon the method you're using to retrieve the location provider (e.g., calling LocationManager.getProvider() using the return value from LocationManager.getBestProvider()) you could therefore end up using a Mock Provider. I've been unable to find any definitive method for determining whether a provider is Mock or not (e.g., there's no property of the LocationProvider that indicates it is Mock, no property of the Location that indicates it's fake, etc.). What you could, however, do is read the Secure Settings to determine whether or not ALLOW_MOCK_LOCATION is enabled and not allow your app to function in this case; since the setting is one of the Secure Settings, there is no way to change it programmatically.