Seamless account transfers with Block Store

Meghan Mehta
Android Developers
Published in
3 min readAug 18, 2021

--

The magic of a new mobile device. Opening the crisp box, peeling off the plastic to unveil the unblemished screen, setting up the device and having previous apps already downloaded onto the new device. This seamless experience is halted when the user tries to use their apps and has to re-authenticate. Trying to remember account credentials and going through account recovery flows causes a lot of friction. This friction causes users to end up creating a new account and abandoning their old account or in some cases the friction is so high that they abandon the app entirely.

To solve this problem, we present the Block Store API to make logging back into the user’s applications on a new device as simple as restoring from a backup in the setup process so they can return to their apps just as they left them. Read on to learn more about Block Store and the benefits of it and how to provide users with a magical experience!

What is Block Store?

The Block Store API allows your app to store user credentials that it can later retrieve to re-authenticate users on a new device. Your credential data is transferred between devices when a user bootstraps one device using another.

How Block Store works:

  1. When a user signs into your app, or anytime thereafter, you can save the authentication token that you generate for that user to Block Store.
  2. Once you save the token with Block Store, the token is encrypted and stored locally on the device.
  3. Data is transferred over to a new device when the user sets it up using device-to-device restore flow.
  4. When a user returns to your app on a new device, if they have provided consent to restore their data when they go through a device-to-device restore, Block Store will retrieve the token for your app.

Why use Block Store?

While this API is optional to use, here are some advantages to implementing it in your app:

  • If users don’t have to worry about remembering their credentials, they would also be more willing to use passwords that are unique and more difficult to phish.
  • Eliminates friction from sign-in flows that can ultimately lead to users not reengaging with your app.
  • Integration is simple and it works irrespective of the sign-in methods that you offer.
  • Google verifies the user’s identity.

How to add it in my app?

When a user signs into your app, you can save the authentication token that you generate for that user to Block Store by calling storeBytes(). This stores the user’s credentials to the source device. Now, the token is encrypted and stored locally on the device.

When a user goes through either a device-to-device restore flow on a new device, Block Store retrieves your token. Since the user has already agreed to restore your app data as a part of the restore flow, no additional consent is required. When the user opens your app, you can request your token from Block Store by calling retrieveBytes(). This retrieved token can be used to keep the user signed in on the new device. If there is no token for the calling app, it will still call the onSuccessListener() but with a result of empty bytes. If you call storeBytes() and then retrieveBytes() on the same device, the retrieveBytes() still returns the bytes set by the previous storeBytes().

Summary

That’s all you need to know to get started with Block Store! To learn more check out the documentation.

Happy coding!

--

--