Android 10 ROM—Notes for Clover Developers

📘

IMPORTANT UPDATE

After our announcement about Android 10 ROM updates, we heard from developers regarding the Build.SERIAL change and the need for more notice about ROM updates in the future. Please see New information about ROM updates for important information about the A10 rollout.

Audience

This announcement is only for developers who develop Android apps for Clover Station Duo (formerly Station Pro), Clover Station Solo, Clover Mini 2, and Clover Flex 2.

Change Notes

This is a list of the most important changes that affect apps caused by our move to Android 10. This is not an exhaustive list—it is a living list and will continue to be updated as we gather new information.

Device Serial

Accessing the device serial must be done via MerchantDevicesV2Connector(context).getSerial() available in our clover-android-sdk. This method works on all our devices and all OS versions.

The following ways of obtaining a device serial should not be used:

  • android.os.Build.getSerial()
  • android.os.Build.SERIAL
  • Using the android.os.SystemProperties via reflection to get the serial number

APK Signature

Some apps that were signed in an unusual way but were allowed by Android 8 and earlier will now be rejected in Android 10.

Run the apksigner on your APK after it is fully signed to determine if it is possibly malformed. The apksigner is a tool included in the Android SDK provided by Google.

Example:

Android/Sdk/build-tools/30.0.3/apksigner verify path/to/your/app.apk

Notice the tool being used is 30.0.3. Please use this version or later. If the command returns "DOES NOT VERIFY" then your app has a malformed signature, there may be additional details returned about the reason it is malformed. Please ensure you are using the v1 signature scheme only.

🚧

IMPORTANT

To ensure that your apps continue to function properly after the upgrade, it is critical that your Clover apps are signed with v1 (JAR Signature). Apps that are v2- or v3-signed will not function properly after the upgrade.

Regex / Pattern matching

java.util.regex.Matcher and Pattern behavior changes—see Android Developer site for details

SHA-1

Certificates signed with SHA-1 aren't trusted in TLS—see Android Developer site for details

Wi-Fi privacy

Information removed from Wi-Fi service methods—see Android Developer site for details

TLS Certificate Hostname

Hostname verification using a certificate—see Android Developer site for details

Activity launching

FLAG_ACTIVITY_NEW_TASK requirement is now enforced—see Android Developer site for details

Contact Us

If you have questions about this update or additional information to report, contact Clover developer support at [email protected]. Clover recommends that you allowlist this domain with your mail client and add the address to your contact list.

Additional Resources

Please visit the Android Developer site for more details:
https://developer.android.com/about/versions/10/behavior-changes-all
https://developer.android.com/about/versions/pie/android-9.0-changes-all