跪拜 Guibai
← All articles
Frontend · Android

Mocking GPS on Android with the Official Test Provider API

By 石山岭 ·
Read original on juejin.cn ↗ Google Translate ↗ Alt translation

Many Western developers assume location spoofing requires root or Xposed, but Android's official Test Provider API—when correctly applied to both GPS and network providers—handles a wide range of legitimate testing and preview scenarios without breaking the security model.

Summary

GPSSimulate injects fake coordinates into both the GPS and network location providers through Android's Test Provider API, paired with a foreground service that ticks every second to keep apps fed with updates. A map interface built on OSMDroid and OpenStreetMap lets users drag a center pin to pick a target, save preset cities, and start simulation with one tap.

The project grew out of a practical need: rental and battery-swap apps show different pricing and inventory by city, and existing spoofing tools were ad-heavy or unstable on Xiaomi hardware. The core insight is that mocking only GPS_PROVIDER fails against apps using fused or network location, so the fix pushes identical coordinates to both providers simultaneously.

Real-world limits remain. Banking, payment, and ride-hailing apps commonly call isFromMockProvider() and reject spoofed locations outright, while simpler weather or information apps accept them. The tool's value lies in understanding Android's location stack and building a stable, ad-free utility on official APIs.

Takeaways
Android's LocationManager.addTestProvider() is an official, documented API for injecting mock coordinates; it requires the user to select the app as the mock location provider in Developer Options.
Mocking only GPS_PROVIDER is insufficient because many apps rely on fused or network location; injecting identical coordinates into NETWORK_PROVIDER as well dramatically improves compatibility.
A foreground service that pushes coordinates every second via setTestProviderLocation() keeps LocationListener-based apps receiving updates and prevents them from falling back to real location.
OSMDroid with OpenStreetMap tiles provides a free, API-key-free map component that caches tiles to disk, though initial tile loads can be slow from China due to overseas servers.
Apps in banking, payments, ride-hailing, and gaming routinely call Location.isFromMockProvider() and reject spoofed locations, so the technique has clear boundaries.
Xiaomi devices block USB installation by default; developers must enable both USB Installation and USB Debugging (Security Settings) in Developer Options.
Cold-start getCurrentLocation() frequently returns null; a three-tier fallback of lastLocation → getCurrentLocation → requestLocationUpdates produces a reliable initial map position.
The release build triggers a MockLocation lint error that must be explicitly disabled since the app's purpose is mock location.
Conclusions

Android's mock location API is surprisingly capable for a feature many developers dismiss as a debug-only toy—when you treat it as a continuous injection system rather than a one-shot override, it works against a broad set of real apps.

The gap between GPS-only mocking and dual-provider injection explains why so many off-the-shelf spoofing apps fail: they neglect network location, which fused providers silently consume.

Building the tool on official APIs rather than root-level hooks means it stays working across Android versions and doesn't trigger SafetyNet or Play Integrity on its own, though target apps may still reject it.

The project's origin—wanting to preview city-gated pricing in a rental app—reflects a broader pattern: location-based content restrictions create user demand for spoofing that platform APIs already enable.

OSMDroid remains a pragmatic choice for map UIs that don't need Google Play Services, but the overseas tile server latency is a real friction point for users inside China.

Concepts & terms
Test Provider
An Android LocationManager mechanism that lets a designated app inject mock location data into the system's GPS and network providers, used for testing and simulation.
Fused Location Provider
Google Play Services' location API that intelligently blends GPS, Wi-Fi, cell tower, and sensor data to produce a single location estimate, often ignoring a single mocked provider.
isFromMockProvider()
A method on Android's Location object that returns true if the location came from a Test Provider; many security-conscious apps check this flag and reject mocked coordinates.
Foreground Service
An Android service that runs with a persistent notification, giving the system a strong signal not to kill the process—essential for long-running tasks like continuous location injection.
OSMDroid
An open-source Android map view library that renders OpenStreetMap tiles without requiring a Google Maps API key, supporting offline tile caching.
Source: juejin.cn ↗ Google Translate ↗ Backup ↗