How to prevent time cheat?

Who tells you the time? I think your implicit assumption here is that the user’s clock is accurate. But that already assumes existence of a trusted authority. Someone has to decide what time it is.

Which platform/devices are we talking about?

Just another idea, which is not programmatically tackling this issue:
There might be some MDM/MAM systems that could prevent the user from changing the local time on the phone. At least I know that Samsung SAFE and Windows have options for this.

Was that a question for me? If so, no, I absolutely do not think the user’s clock is accurate. That is the reason I find this problem interesting with practical implications. I was trying to explore options where we can defeat the manual cheating of system time without requiring a network connection. Or more generally, find a mechanism that is able to detect if a user cheated when they eventually complete the logging after 5 days

1 Like

Good thinking (and I’m saying it again to make it 20 characters so I can post)

Then who has the accurate clock? The one that declares the user logged in at 9am to start working.

Yes. I’m not contesting your proposal at all of having a time authority. I’m simply wondering if that is the only possible or feasible solution under the given circumstances. Or more specifically, I am primarily wondering if it’s possible to have a solution where a TA is used to validate a log, but that can happen in a deferred fashion (5 days after the transaction is logged). This may therefore mean that the “signing” needs to happen with a timestamp (which can be manipulated) and another time-sensitive entity in a mobile device that can’t be modified (don’t know what that is).

This problem piqued my interest. My original intent of asking you if you had a link to a proof that said this is mathematically impossible to do was I’d stop thinking about it :slight_smile:

There are a lot of different trust models. If you type network trust model into Google Scholar you’ll see a lot of stuff. There doesn’t have to be a single trusted authority like a timestamp server. It can be distributed across many servers. But it isn’t possible to do with just one untrusted point, because the untrusted point can lie by definition. The idea of @Kerosin translates to putting multiple “network points” on the user’s device. That might be possible with native programming and admin installation rights. (At the very least, you might be able to create something where if it were tampered with, the tampering could be detected.) But programming with Ionic, only in the browser, where the user installs? Nope. The enemy could defeat the system.

Edit: The mathematical proof is that a single untrusted actor can lie. QED. The interesting mathematical proofs arise when you show that you don’t need a single infallible truth-teller, but rather, truth authority can be shared across multiple users.

sorry for the late reply… thank you very much for all your help! (I will try to reply in the best English I can)

yes @anna_liebt,
I tried to get the timestamp of the gps, but the native geolocation returns the date and time from the device, BUT using the advanced geolocation plugin (Cordova add-on) it returns the timestamp from the location where I am :smiley: the problem: only works for Android 5.0 - 6.x and freezes my application (I do not know why)

@Jacktoolsnet that solution works only in the city because the local phone network is strong, another problem, it’s expensive for the user and the company

@pliablepixels wow! many questions… -when the person checks I/O are at specific location (or nearest possible) that the client/administrator/employer marks previously with a virtual flag in the field…
-another way? I think it’s the best way given the circumstances
-How to identify that folks are not working? that’s not the point

*Intents! but how do you work with that in Ionic? using the ACTION_TIME_CHANGED… and… Idk :frowning:
*elapsed time, I have found a Cordova plugin “boot time”, it retrieves the milliseconds since the phone booted but only works for Android 5.0

@AaronSterling it’s not impossible, maybe it needs another point of view or something

let me read more, I’ll answer in a moment

yes but I cannot configure the user/employee phone…

based on your response, my guess is you are not looking for a super tamper proof solution, also it can’t be a solution that requires costly network server updates, and your users are not the kind who will start using decompilers to try and change the ionic app - they will most likely only try system time changes and any other “simple” user hacks they might discover along the way as they go along. Is that right?

If so, you might want to use a combination of what @anna_liebt suggested and the monotonic clock (elapsed boot time).

A) If you are saying the advanced-geolocation-plugin returns network time and you have validated it does this without an active network connection, that’s great. You should use it for devices where it works (note that iOS does not seem to be supported)

B) In addition to that, you can get the monotonic timer to measure time since boot and store the latest value and system time for each log. Let’s assume the first log will be correct - there are many ways to enforce that, including one time network registration while installing the app. That way you can compute if they suddenly go “very different” (I wouldn’t complain if it’s a small drift) which might mean the user changed time, or the phone rebooted. If it’s the latter, and you detect this huge change happening very often, it should raise a flag - why would a user reboot so often and every few days?
You can easily use any Cordova plugin in Ionic even if it’s not part of native. Google around. Start here

Between A + B you have a solution that should deter casual manipulation. An ideal phone will support both mechanisms. For some phones, you may need to fall back to one or the other. Note that it is always useful to check Android’s adoption before you worry about how many devices will fail - you can see current distribution here - obviously this data can be skewed against your situation - that you would know better than me

The only caveat here is I haven’t used either plugin myself - so if you discover they have issues, well, then, you’ll have to look for other solutions.
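The check described in B above, sketched as an added example (it is not part of the original post and not code from either plugin). The `Punch` field names, the drift tolerance and the reboot limit are assumptions; each log entry is assumed to store the system time and the elapsed-since-boot value together, with the first entry trusted.

```typescript
// Added example; field names and thresholds are assumptions, not plugin APIs.
interface Punch {
  wallMs: number;    // device system time in ms (the user can change it)
  elapsedMs: number; // monotonic ms since boot (resets only on reboot)
}
type Verdict = "ok" | "mismatch" | "reboot";

const DRIFT_TOLERANCE_MS = 2 * 60 * 1000; // tolerate small drift

// Compare how far each clock moved between two consecutive punches.
function compare(prev: Punch, cur: Punch): Verdict {
  const monoDelta = cur.elapsedMs - prev.elapsedMs;
  if (monoDelta < 0) return "reboot"; // boot counter restarted
  const wallDelta = cur.wallMs - prev.wallMs;
  // Clocks disagree: system time was changed, or a reboot went unnoticed.
  return Math.abs(wallDelta - monoDelta) > DRIFT_TOLERANCE_MS ? "mismatch" : "ok";
}

function auditLog(log: Punch[], maxReboots = 2) {
  const verdicts: Verdict[] = [];
  for (let i = 1; i < log.length; i++) verdicts.push(compare(log[i - 1], log[i]));
  const reboots = verdicts.filter(v => v === "reboot").length;
  const suspicious = verdicts.some(v => v === "mismatch") || reboots > maxReboots;
  return { verdicts, reboots, suspicious };
}

// Rebuild punch times from the trusted first entry plus monotonic deltas.
// After a reboot the chain is broken, so later entries are null.
function trustedTimes(log: Punch[]): (number | null)[] {
  let sameBoot = true;
  return log.map((p, i) => {
    if (i > 0 && p.elapsedMs < log[i - 1].elapsedMs) sameBoot = false;
    return sameBoot ? log[0].wallMs + (p.elapsedMs - log[0].elapsedMs) : null;
  });
}

// Constructed sample log (not real data).
const H = 60 * 60 * 1000;
const T0 = 1500000000000;
const sampleLog: Punch[] = [
  { wallMs: T0, elapsedMs: 1 * H },                           // trusted first punch
  { wallMs: T0 + 8 * H, elapsedMs: 9 * H },                   // both advanced 8 h
  { wallMs: T0 + 10 * H, elapsedMs: 9 * H + 30 * 60 * 1000 }, // wall +2 h, boot +0.5 h
  { wallMs: T0 + 24 * H, elapsedMs: 0.2 * H },                // counter went backwards
];
console.log(auditLog(sampleLog), trustedTimes(sampleLog));
```

An interval that spans a reboot cannot be verified from these two values alone, which is why the reboot count is tracked separately from mismatches.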

I do consulting in the time/attendance field. Most of the time, clients will want to make sure employees can’t fake timecards, or avoid buddy punching, etc. But if the company you are creating this for trusts employees to work/punch in when they only have internet access once a week basically, if I read your post correctly, then they should trust they aren’t going to fake their punches. You may be trying to engineer something that doesn’t require a solution. If the company is very set on having it tamper proof, then they need the phones to be online when punching to be 100% tamper proof, and it uses APIs on a server to punch.

1 Like

finally I have the solution, thanks again for all your help :smiley:

GPS timestamp is the answer, getting the timestamp from the louisbl/cordova-plugin-gpslocation plugin (here)

example code:

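```typescript
// service.ts
import { Injectable } from '@angular/core';

// Global object provided by the cordova-plugin-gpslocation plugin
declare var GPSLocation: any;

@Injectable()
export class Service {
  // Wraps the plugin's callback API in a Promise that resolves with the position object
  obtenerLocacion(): Promise<any> {
    return new Promise(function (resolve, reject) {
      GPSLocation.getCurrentPosition(function (data) {
        try {
          // let location = JSON.parse(data); -> does not work
          resolve(data);
        }
        catch (error) {
          reject(error);
        }
      },
      function (error) {
        reject(error);
      });
    });
  }
}
```

```typescript
// page.ts
import { Component } from '@angular/core';
import { Service } from '../../providers/service/service';

// Class name and selector are placeholders; use your own page's names
@Component({
  selector: 'page-inicio',
  templateUrl: 'page.html'
})
export class InicioPage {
  gps_time: any;

  constructor(public Service: Service) {}

  mostrarTiempo() {
    this.Service.obtenerLocacion().then(obtenido => {
      /* this way if you want to set vars:
      this.lat = obtenido['coords']['latitude'];
      this.lng = obtenido['coords']['longitude'];
      this.gps_time = obtenido['timestamp'];
      */
      alert(obtenido['timestamp']);
    }).catch((err) => {
      // handle error
    });
  }
}
```

```html
<!--page.html-->

<ion-header>

  <ion-navbar>
    <ion-title>Inicio</ion-title>
  </ion-navbar>

</ion-header>

<ion-content padding>
  <button ion-button large full (tap)="mostrarTiempo()" color="danger">
    Mostrar Tiempo
  </button>

</ion-content>
```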

the reason why: “Source of location information is Global Positioning System (GPS)” inspecting the code, I found that it uses the class GPS_Provider unlike the native code that gets the location from ‘navigator.geolocation’

3 Likes

Quick question, does this cordova plugin support kitkat to marshmallow?

I think so, anyway you can try it… at this moment I don’t have the code handy but I remember that I did some modifications because the format of returned… sorry I can’t help more now

I tried the code you have, but it does not manage to get any data. Can you help me, please?

hi sorry for the inactivity, how can i help you? what’s the problem?

This is not working, as when the user changes the device date/time the timestamp also changes.
If this issue is solved, please let me know.
Thanks

As usual, I agree completely with @AaronSterling on this. A pure client-side offline “solution” to this is impossible. You cannot control how somebody runs your app code in an environment you don’t control, period. They can run it in an emulator that spoofs GPS. They can even just reverse-engineer your network protocol and feed it information with any old HTTP client.

The only viable answer here relies on an authoritative clock on a server that you control, which means server-side timestamping.

Yes, you are right, this is the only solution so far. The second solution is the Google paid time API service, through which this problem can be handled.
Thanks!