NEW! DHIS2 Android Settings Web App version 1.0 is released

Dear DHIS2 community,

We are pleased to inform you that the first version (1.0.0) of the Android Settings web application has been released. This web app is the result of many conversations with the community over the last year and our observations about how Android is being used in different implementations.

The web app features are intended to support admins in various functions of a DHIS2 Android Capture app implementation. These include configuring synchronization parameters for the DHIS2 Android Capture app, encrypting the local database of the Android devices, running tests on the size of data and metadata synchronized by a given Android user, among other features. This web app will allow users to:

1- Define the synchronization parameters for tracker and event programs. Users can specify the maximum number of TEIs/events to download, and use some parameters as the status of the enrollments or periods to download (e.g which TEIs or events have been updated during the last month). The settings can apply to all programs or to specific programs.

2- Define the synchronization parameters for aggregated values. Users can specify the number of periods to download. The settings can apply to all datasets or to specific datasets.

3- Define other generic parameters such as the frequency for synchronizing data and metadata, SMS gateway number, reserved values per auto generated TEI attributes, encrypt the database of the local devices, etc.

4- Test the size of the metadata and data to download from the server.

This web app is compatible with 2.34.1, 2.33.5 and 2.32.6. We recommend to always use these latest patch versions, as previous ones may have some issues that can compromise the functionality of the application.

If you plan to use this web app, the following considerations should be taken:

  • The use of this app will overwrite the local settings of all Android devices using the DHIS2 Android Capture app for a given DHIS2 instance.

  • In this version, only users with ‘ALL’ authority are able to use this app to configure the parameters for synchronization, encryption, etc. Other users having access to this app, will be able to see the configuration but will not be able to edit any values.

  • If you select the encryption checkbox, this will affect the local database of all Android devices synchronizing with the server for a given DHIS2 instance.

Please keep in mind that this is our first release and this web app hasn’t been used in the field yet. We strongly recommend not to use this app in a production environment without first fully testing it with your teams in a designated non-production environment. As always, we welcome your feedback for any bugs you might detect, but also about the usability of the app and potential new features to include in future releases.

RELEASE INFO

Release Information Link
Download app from the App Hub https://apps.dhis2.org/
Documentation Android Settings Web App doc

Please report any issues you find in jira (Component: [App] Android Settings app)

Happy testing

The Android team

11 Likes

Bravo Marta & team! It looks like a very powerful set of tools!

1 Like

Good news

1 Like

Great app,
The User sync test app is very useful as it will help increase the performance by assigning users with recommended org Units and metadata to download.

1 Like

@marta is it possible to configure at what time the synchronization will happen? if not I suggest to include in the next release, especially for parameters sync.

Thanks

1 Like

Hi @mutali,

currently is not possible but I think is a good feature. Would you mind creating an issue in Jira to request this functionality?

DHIS2 project - [App] Android Settings app

thanks!

2 Likes

@Gassim I am testing the Android Settings app, and have reviewed the DHIS2 documentation about it.

One thing that isn’t clear - what exactly does it mean when you enable the Setting to encrypt the local database of the Android devices - how is the tablet holder impacted?

Does this mean their data can/cannot sync under certain conditions?

Help from the android team would be great, thank you. We will be testing this summer in the field.
Thank you,

-Sara@LogicalOutcomes

1 Like

Hi @sgaudon ,

If you are marking the option “Encrypt device database” in the android settings, any android app will encrypt its database at the moment of syncing the metadata… It won’t have any impact on how the end users are using the android app (they will be able to perform the same tasks), but the information stored in the devices is more secure from possible attacks, data leaks or non authorized access

However, the performance of the android app can be impacted as well by a 10 - 15% when navigating through screens containing data. We don’t think this will have any big impact to the user experience, but in any case better for you to test first (I don’t know the size of the data they are syncing with the server).

We recommend to use this option when the users are working with sensitive information.

Let me know if you have any questions.

2 Likes

Hi Jose - a non-profit we’re supporting is wondering about the app featuring ‘encryption at rest’ - can you comment on the at rest, in transit etc. and does checking the ‘encrypt device database’ change the default settings in any way?
Thanks again,
Sara

1 Like

Hi @sgaudon .

As Jose explained, when ticking the “Encrypt device database” in the Web Settings App all the devices syncing with this server will be forced to encrypt the DHIS2 App database in the device. This might affect performance a little bit but on the other hand you get an additional layer of security. By default Android applications (in fact also other mobile Operative Systems) are more secure than computers but if you are in a context where you fear that a stolen/lost device could compromise anyone (I can imagine a program with sensitive patients’ details) this could help as an attacker could not read the database.

In a context like that I would not stop there and would probably impose if possible via an MDM other security measures like forcing Android passwords, auto lock after time, remote wiping, etc.

Regarding the security in transit, that’s something external to the App and which is achieved at lower levels. You could ensure this by using HTTPS (general recommendation) or even establishing a VPN between the devices and the server (much more complex and harder to manage). In my opinion no implementations should be using DHIS2 without HTTPS as I consider it a must.

2 Likes