SDK | Third Party Service Provider | Information Collection Purpose, Method, Scope and Required Permissions |
Yun Zheng Tong (CFCA) SDK | China Financial Certification Authority Co., Ltd. | Purpose: In order to provide you with Yun Zheng Tong e-signature (digital certificate) service, we use the Yun Zheng Tong (CFCA) SDK for implementing e-signature (digital certificate) function Method: SDK collects info by itself
Information fields collected by SDK: Common fields: Customer name, customer ID type, ID number iOS device-specific: Mobile device model, system version, IP address, network connection, IDFV (IdentifierForVendor), whether mobile is jailbreak, APP creation time, APP Bundle ID, APP version, whether the phone has TEE, SE module, Keychain information (used to obtain a unique identifier)
Android device-specific: MAC address, system version, device name, model and manufacturer, hardware name, serial number and manufacturer, Android ID, APP producer information, whether mobile is ROOT, Android Keystore logo, whether the phone has TEE, SE module Required system permissions: None
|
Live Recognition (CFCA) SDK | China Financial Certification Authority Co., Ltd. | Purpose: In order to provide you with live facial recognition & verification function, we will use the Live Recognition (CFCA) SDK, obtain camera access, to securely verify your identity by recognizing your facial features and movements, but we will not retain your facial features and movements for our own sake. Method: SDK collects info by itself
Information fields collected by SDK: Facial recognition information, customer name, customer ID type, ID number Required system permissions: Camera permission |
Tencent Technology Co., Ltd WeChat Sharing SDK | Tencent Technology Co., Ltd | Purpose: To enable you to share relevant pages in the Mobile Banking App (such as product pages) to the WeChat platform Method: SDK collects info by itself
Information fields collected by SDK: Unique device identifier, Device MAC address Required system permissions:
None |
Baidu cloud push notification SDK | Beijing Baidu Netcom Science and Technology Co., Ltd. | Android specific (for China Android market), no such SDK in iOS Purpose: Used for message push notification Method: SDK collects info by itself
Information fields collected by SDK: Android ID Device Info(including end user’s hardware model, OS version and system info) Device connection info (like network service provider name, WIFI info) Required system permissions: Notification Phone (device info, network access and network info) External Storage
Special Note: In order to realize the message push notification function such as transaction information, this SDK may start automatically when the device is turned on or restarted.
Refer to Baidu push notification SDK privacy policy: https://push.baidu.com/doc/guide/baidu_legal |
Xiaomi push notification SDK | Beijing Xiaomi Mobile Software Co.,Ltd. | Android specific (for China Android market), no such SDK in iOS Purpose: Used for message push notification
Method: SDK collects info by itself
Information fields collected by SDK: Android ID,Device info,App package name、version no, running status
Required system permissions: Notification Phone (device info, network access and network info)
Refer to Xiaomi push SDK privacy policy: https://dev.mi.com/console/doc/detail?pId=1822 |
Oppo push notification SDK | Guangdong HeyTap Technology Co., Ltd. | Android specific (for China Android market), no such SDK in iOS Purpose: Used for message push notification
Method: SDK collects info by itself
Information fields collected by SDK: Device info (IMEI, OAID,Serial Number,IMSI,User ID,Android ID,Google Advertising ID, Region setting,device model,quantity of phone's electricity,version of phone's OS, language), App info (package name, version code, SDK version), network info (connection with IP or domain, network type), notification info(result of message delivering, permission of notification showing, notification clicking), screen lock (if screen lock or not, if allow to show notification when screen lock)
Required system permissions: Notification PPhone (device info, network access and network info) External Storage
Refer to Oppo push privacy policy: https://open.oppomobile.com/new/developmentDoc/info?id=10288 |
Huawei push notification SDK | Huawei Technologies Co., Ltd. | Android specific (for China Android market), no such SDK in iOS Purpose: Used for message push notification
Method: SDK collects info by itself
Information fields collected by SDK: Basic app information (App ID, Push SDK version number, and HMS Core (APK) version number, app version number, and app package name), In-app device identifier(AAID and push token), Device hardware information (Device type (such as mobile phone or tablet), Device model), Basic system information (System type (Android) and version), System version, System settings (Country/Region code)
Required system permissions: Notification Phone (device info, network access and network info)
Refer to Huawei push privacy policy: https://developer.huawei.com/consumer/en/doc/development/HMSCore-Guides/sdk-data-security-0000001050042177 |
Meizu push notification SDK | Zhuhai Xingji Meizu Technology Co., Ltd. | Android specific (for China Android market), no such SDK in iOS Purpose: Used for message push notification
Method: SDK collects info by itself
Information fields collected by SDK: Device info (Phone brand, Phone Model, System Version, Language, Device Identifier), Notification info (Notification Content)
Required system permissions: Notification Phone (device info, network access and network info)
Refer to Meizu push privacy policy: https://open.flyme.cn/docs?id=202 |
Vivo push notification SDK | Vivo Communication Technology Co. Ltd. | Android specific (for China Android market), no such SDK in iOS Purpose: Used for message push notification
Method: SDK collects info by itself
Information fields collected by SDK: Device Identifier Info (like IMEI, EmmCID, UFSID, Android ID, GUID, GAID, OPENID, VAID, OAID, RegID), App info (like Package Name, Version, APPID, SDK Version), Device Manufacturer and Network Info (like IP, Network type, Country Region Code, Device type (such as mobile phone or tablet)), Notification Info (timestamp of notification creating, delivering and clicking, notification delivering result), System Info (Device model, OS version, Notification bar status, if screen lock or not, setting about whether to show notification when screen is locked)
Required system permissions: Notification Phone (device info, network access and network info) External Storage
Refer to Oppo push privacy policy: https://dev.vivo.com.cn/documentCenter/doc/652 |
zDefend and zShied SDK | Zimperium, Inc. | Purpose: To assess and protect the security of Mobile Banking App running in installed device
Method: SDK collects info by itself
Information fields collected by SDK: Running processes System version Mobile device model Installed list of Apps info Android ID SSID (not collect yet) BSSID (not collect yet) Required system permissions: Phone (device info, network access and network info) Note: As this SDK is used to ensure the safety of the Mobile Banking App, it collects info above from time to time (even during the time when Mobile Banking App is switched to run in background) to identify if any suspicious software or running program that might cause potential threat to Mobile Banking App, this SDK cannot be turned off specifically |
Cisco AppDynamics Mobile RUM Agent SDK | Cisco Systems, Inc. | Purpose: Provide end-to-end visibility on the performance of mobile applications as well as help customer troubleshoot problems such as slow mobile network requests and crashes. Method: SDK collects info by itself
Information fields collected by SDK: Network Service Provider Name Network Connection Type Device Model App Version OS Version IP Address App Crash info Network requests and responses info including errors Required system permissions: Phone (device info, network access and network info) Note: As this SDK is used for performance monitoring as well as customer problems troubleshooting like App crash on the Mobile Banking App, it collects info above from time to time (even during the time when Mobile Banking App is switched to run in background) for backend to check the App whole usage status for monitoring/analysis purpose, this SDK cannot be turned off specifically |
Google Firebase Notifications SDK | Google LLC | Android specific (for Overseas Android market), no such SDK in iOS Purpose: Used for message push notification Method: SDK collects info by itself
Information fields collected by SDK: Application Version OS Version Device Model Name Device Model ID Device Brand APP that was used to install our Digibank App (like Google Play Store) Firebase SDK version Android ID Required system permissions: Notification Phone (device info, network access and network info) |
Mob Share SDK | Shanghai MobTech Co., Ltd. | Android specific, no such SDK in iOS Purpose: One tool SDK used for implementation to let user to share some page of the App (like public product info page) or information to Wechat platform Method: SDK collects info by itself
Information fields collected by SDK: System Running Info: (Device Platform, OS Version, Device Model, Device Manufacturer, Device Brand, Screen Resolution) Social Platform Open ID Installed list of Apps info Device Identifier Info:(OAID, Advertising ID, Android ID) Network Status Info:(IP Address, Network Service Provider Info, WiFi Info, Base Station Info, SSID, BSSID) Required system permissions: Notification Phone (device info, network access and network info)
Refer to Mob Share SDK privacy policy: https://www.mob.com/wiki/detailed?wiki=638&id=14
|
Google Architecture and UI component SDK | Google inc. | Android specific, no such SDK in iOS Purpose: One tool SDK used for implementation to realize App related front-end functions
Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
ADMod SDK | Google inc. | Android specific, no such SDK in iOS Purpose: One tool SDK used to check whether phone has Google Play service or not
Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
Android Support SDK | Google Inc. | Android specific, no such SDK in iOS Purpose: One tool SDK used in implementation to support Android old versions
Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
Okhttp SDK | Square | Android specific, no such SDK in iOS Purpose: One tool SDK by utilizing its network libraries to realize related features during App implementation.
Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
Okhttp3 SDK | Square | Android specific, no such SDK in iOS Purpose: One tool SDK by utilizing its network libraries to realize related features during App implementation.
Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
Okio SDK | Square | Android specific, no such SDK in iOS Purpose: One tool SDK by utilizing its network libraries to realize related features during App implementation.
Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
Squareup SDK | Square | Android specific, no such SDK in iOS Purpose: One tool SDK by utilizing its network libraries to realize related features during App implementation.
Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
Apache SDK | Apache | Android specific, no such SDK in iOS Purpose: One tool SDK by utilizing its native Java library (JDK8) to realize related features during App implementation.
Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
Github open source SDK | Github | Android specific, no such SDK in iOS Purpose: One tool SDK to realize PDF display
Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
Facebook Shimmer SDK | Meta Platforms, Inc | Purpose: One tool SDK to realize shimmer effect of UI display
Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
Glide SDK | Bumptech | Android specific, no such SDK in iOS Purpose: One tool SDK for App frontend images fast loading and display
Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
Bmob Sdk | Bmob | Android specific, no such SDK in iOS Purpose: One tool SDK used to realize Wechat sharing function
Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
PinLayout SDK | layoutBox | iOS specific, no such SDK in Android Purpose: One tool SDK used for front-end UI layout display Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
Macaw SDK | exyte | iOS specific, no such SDK in Android Purpose: One tool SDK used for front-end UI layout display Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
Lottie SDK | Airbnb | iOS specific, no such SDK in Android Purpose: One tool SDK used for front-end UI layout display
Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
FlexLayout SDK | layoutBox | iOS specific, no such SDK in Android Purpose: One tool SDK used for front-end UI layout display
Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
HanziPinyin | teambition | iOS specific, no such SDK in Android Purpose: One tool SDK used for App localization
Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
Charts SDK | danielgindi | iOS specific, no such SDK in Android Purpose: One tool SDK used for front-end charts display
Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |
Teambition Wechat SDK | teambition | iOS specific, no such SDK in Android Purpose: One tool SDK used for implementation to let user to share some page of the App (like public product info page) or information to Wechat platform
Method: SDK collects info by itself
Information fields collected by SDK: Device info, DBS public product info that user shares
Required system permissions: None |
Adobe SDK | Adobe Systems Software Ireland Limited | Purpose: Collection of clickstream data, including user interactions, page views, app usage, and event tracking, from mobile apps and other digital platforms for advanced analytics and insights
Method: SDK collects info by itself
Information fields collected by SDK: Page Views Button click events Session duration/frequency Device information (model, operation system, screen resolution, device type, browser type, connection speed) App version Referrers Campaign tracking Error tracking In-app behavior (navigation patterns, feature usages) IP Address
Required system permissions: Phone (device info, network access and network info) |
Live Recognition (Junyu) SDK | Shanghai Junyu Technology Co. ltd. | Purpose: One tool SDK used by Live Recognition (CFCA) SDK to support live facial recognition & verification function.
Method: SDK collects info by itself
Information fields collected by SDK: None
Required system permissions: None |