Pango Platform
HomeConsole
  • What is Pango Developer Platform
  • Getting started
    • Sign up on the Management Console
    • Create a new project
    • Switch projects
    • Change console settings
    • Edit your profile
    • Try out the demo app
    • Keep exploring
    • Deprecation and Sunset
  • Console details
    • Dashboard
      • General
      • Location loading
    • Users
      • User page
    • Active sessions
    • Network
      • Countries
      • Locations
      • Pools
        • Optimal location
        • Location rules
    • Settings
      • General
        • Project config description (JSON format)
          • Server selector (JSON format)
          • Request selector (JSON format)
      • Authentication methods
        • Auth Plugin requirements
      • VPN
        • General
        • VPN Bypass list
        • Client Networks
      • Member
    • Export Data
    • Log
  • SDK
    • Unified VPN SDK for Android
      • Setup
        • Application Setup
        • Proguard Rules, Notification, and Analytics Configurations
        • Backend URL Configuration
      • Usage
        • Initialization
        • VPN Interface
        • Backend interface
      • Features
        • Hydra Protocol
          • Location profile (Hydra only)
        • Custom sdk dependencies
        • Deferred VPN Service Initialization
        • Authentication
        • Client Network List (CNL)
        • OpenVPN transport
        • Wireguard Transport
        • Reconnection strategy
        • Single Protocol SDK
        • Killswitch
        • Domain route via VPN
        • Process route via VPN
        • Process Bypass
        • Domain Bypass
        • Traffic rules
        • VPN Node DNS Configuration
        • Multihop
          • Optimal Location
      • Exceptions
      • Version migration
      • Changelog
    • Unified VPN SDK for Apple
      • Setup
        • Application Setup
        • Network Extension Setup
          • Network Extension Setup for tvOS
        • Backend URL Configuration
      • Usage
        • Single Protocol SDK
        • Unified SDK
        • Logging
        • Decoding Encoded VPN SDK Logs
      • Features
        • Deferred VPN Service Initialization
        • Authentication
        • Wireguard Transport
        • Reconnection strategy
        • Killswitch
        • Domain Bypass
        • Multihop
          • Optimal Location
        • Client Network List (CNL)
        • Domain route via VPN
      • Changelog
      • API Reference
    • IPSEC VPN SDK for Apple
    • Unified VPN SDK for Windows
      • Setup
        • Backend URL Configuration
        • Service command line arguments
        • ARM Platform Support
      • Usage
        • CoreAPI
        • Events
        • Generating a Unique Device Identifier
        • Error processing
        • Pipe Messaging
      • Features
        • Traffic protection
          • Killswitch
          • Prevent IP Leaks
          • Block Local Networks
        • Other
          • Firewall
            • DNS Monitor
            • Process Bypass
            • Domain Bypass
            • Process route via VPN
            • Domain route via VPN
          • Throttling
          • Optimal Location
          • Common issues
        • Hydra Protocol
          • CustomDNS, UserDNS, MultiHop, VpnProfiles
        • OpenVPN Protocol
        • Wireguard Protocol
        • IPSec Protocol
      • Collecting Debug Logs
      • Changelog
    • Unified VPN SDK for Routers
      • SDK. Shared library.
      • Configuration Interface (CI)
        • Unix Domain Sockets CI
        • REST API CI
    • Unified VPN SDK Feature Comparison By Platform
    • Unified VPN SDK
      • Features
        • Personal Bridge
    • Tunnel Vision and Tunnel Crack Prevention
  • REST API
    • Partner API
  • Sample applications
    • Unified VPN SDK demo for Windows
    • Hydra VPN SDK demo for iOS
    • IPSEC VPN SDK demo for iOS
    • Unified VPN SDK demo for Android
    • Hydra VPN SDK demo for OpenWRT
    • OpenVPN configuration file
  • Resources
    • Use cases
      • Public VPN
      • Business VPN
        • Creating a Business VPN Project
        • Wi-Fi Security for Business
      • Application anti-blocking
    • How-to
      • Create a Firebase project for User Authentication
      • AWS CloudFront Distribution of the Platform URL
      • How can I get Shared Secret key from iTunes Connect for In-App Purchase
  • FAQ
    • General
      • VPN Platform Flow
      • What data is collected by the Platform?
      • What analytic data is collected by your SDK?
      • How the Platform restricts access to our data?
      • Why DNS Leak tests often indicate positive result?
      • Do we need to perform endpoint health checks?
      • How is the VPN exit node found?
      • How are streams re-marked if VPN is enabled/disabled on an active flow?
      • Is there a maximum number of supported devices?
      • Are both IPv4 and IPv6 supported?
      • What is the MTU of the tunnel?
      • Are any redundancy measures in terms of reliability provided?
      • Is there any load balancing?
      • Do you block broadcast and multicast to/from the VPN?
    • List of Open Source libs
Powered by GitBook
On this page
  • Why Persistent Device IDs Matter
  • Generating the Device ID
  • Handling Cloned Devices
  • Methods to Generate a Device ID
  • Hashing for Privacy

Was this helpful?

  1. SDK
  2. Unified VPN SDK for Windows
  3. Usage

Generating a Unique Device Identifier

When integrating with our SDK, one important requirement is generating a unique, persistent device ID for each device before calling the SDK. This device ID should remain consistent for the duration of the application's lifecycle on the device, from installation to uninstallation. Integrating device ID generation is a key first step to enabling the SDK's full functionality. The exact generation logic can vary based on your application's tech stack and architecture.

Why Persistent Device IDs Matter

Reason
Description

Uniquely identifying devices

Each device should have its own unique ID to distinguish it from other devices.

Enabling device tracking

The device ID allows tracking application usage across sessions and linking it to other data like purchases.

Supporting signed user features

For signed-in users, the device ID can help identify linked devices.

Maintaining data privacy

Using a device hash rather than personally identifiable information keeps the collected data anonymized.

Generating the Device ID

The device ID should be a string that uniquely identifies a specific device instance. Some options for generating it include:

  • Machine GUID (globally unique identifier)

  • A hash based on hardware characteristics

  • A hash incorporating the application's installation path

  • Any internally used unique device instance ID

The key is that the ID should be persistently tied to that specific device install.

For example, in VPN applications, developers generate a device_hash value based on hardware details and other settings. This hash is unique per app instance across all their devices and apps. It allows them to track application usage flows in their reports, link the data to purchases, manage linked devices for signed-in users, etc., all while keeping the data anonymized.

Handling Cloned Devices

One edge case is cloned devices, such as multiple VM instances which may end up with the same machine GUID.

If multiple devices with the same device_id attempt to authenticate with the VPN node (login and connect), whenever one logs in, the others will be automatically logged out since they appear to be the same device.

Therefore, it's important to incorporate additional unique elements beyond just the machine ID when generating your device_id hash to avoid unintended logouts in cloned device scenarios.

Methods to Generate a Device ID

Here are several methods to generate a persistent device ID on Windows:

Example 1: Using Machine GUID

string GetMachineGuid()
{
    string machineGuid = string.Empty;
    using (RegistryKey key = Registry.LocalMachine.OpenSubKey(@"SOFTWARE\Microsoft\Cryptography"))
    {
        if (key != null)
        {
            machineGuid = key.GetValue("MachineGuid").ToString();
        }
    }
    return machineGuid;
}

Example 2: Combining Hardware Information

string GetHardwareId()
{
    string cpuId = GetCpuId();
    string biosSerial = GetBiosSerial();
    string macAddress = GetMacAddress();

    return $"{cpuId}-{biosSerial}-{macAddress}";
}

string GetCpuId()
{
    // Code to get CPU ID
}

string GetBiosSerial()
{
    // Code to get BIOS Serial
}

string GetMacAddress()
{
    // Code to get MAC Address
}

Hashing for Privacy

To ensure that the device ID is non-personalized, you can hash the combined hardware information.

string GenerateDeviceId()
{
    string hardwareId = GetHardwareId();
    using (SHA256 sha256 = SHA256.Create())
    {
        byte[] hashBytes = sha256.ComputeHash(Encoding.UTF8.GetBytes(hardwareId));
        return BitConverter.ToString(hashBytes).Replace("-", "").ToLower();
    }
}
PreviousEventsNextError processing

Last updated 10 months ago

Was this helpful?