Kardia

Alivecor · Remote, medical-grade heart care at your fingertips

Native Android Medical AliveCor Inc.
Bundle ID com.alivecor.aliveecg
Version analyzed 5.58.0-f70e136512
Build framework Native Android
Detection confidence Medium
SDKs detected 12
Analyzed 2026-06-17
Static + runtime analysis

SDKs detected

12 SDKs found across 9 categories. Click any SDK to see every other app that uses it.

All SDKs
From manifest + Info.plist

Permissions requested 13 sensitive

34 permissions requested at runtime. Colors reflect platform sensitivity tier.

Microphone sensitive

Record audio from the microphone.

Find accounts on device sensitive

Read the list of accounts known to the device.

Connect to Bluetooth devices sensitive

Connect to paired Bluetooth devices.

Scan for Bluetooth devices sensitive

Discover nearby Bluetooth devices.

Precise location sensitive

Access exact location via GPS, cell, and Wi-Fi.

Approximate location sensitive

Access approximate location (network-based).

Body sensors restricted

Read body sensors data such as heart rate.

Physical activity recognition sensitive

Recognize physical activity such as walking or cycling.

Post notifications sensitive

Post notifications to the system.

Write storage sensitive

Write files to shared external storage. No-op for apps targeting Android 11+.

Read calendar sensitive

Read the user's calendar data.

Modify calendar sensitive

Add, modify, or remove calendar events.

Read storage sensitive

Read files from shared external storage. Replaced by READ_MEDIA_* on Android 13+.

Internet access standard

Open network sockets.

Network state standard

Read connectivity information.

Act as account authenticator standard

Act as the AccountAuthenticator for the AccountManager.

Manage accounts standard

Manage accounts in the AccountManager.

Use account credentials standard

Request authentication tokens from the AccountManager.

NFC standard

Perform I/O over NFC.

Bluetooth (legacy) standard

Connect to paired Bluetooth devices on Android 11 and below.

Bluetooth admin (legacy) standard

Discover and pair Bluetooth devices on Android 11 and below.

Run at startup standard

Receive the BOOT_COMPLETED broadcast.

com.google.android.c2dm.permission.RECEIVE standard
Schedule exact alarms standard

Schedule alarms that fire at an exact time. Granted from system settings; denied by default on Android 13+.

com.alivecor.aliveecg.permission.C2D MESSAGE standard
Wake lock standard

Keep the device awake.

com.alivecor.aliveecg.DYNAMIC RECEIVER NOT EXPORTED PERMISSION standard
com.google.android.finsky.permission.BIND GET INSTALL REFERRER SERVICE standard
com.google.android.gms.permission.AD ID standard
ACCESS ADSERVICES ATTRIBUTION standard
ACCESS ADSERVICES AD ID standard
com.google.android.providers.gsf.permission.READ GSERVICES standard
Foreground service standard

Run a foreground service.

Vibrate standard

Control the vibrator.

Frequently asked questions

What FlyTrap detected inside Kardia.

What is Kardia built with?

Kardia by AliveCor Inc. is built with Native Android. FlyTrap determined this by analyzing the app's compiled binary, not from anything the developer published.

What SDKs does Kardia use?

FlyTrap detected 12 third-party SDKs inside Kardia, including Firebase Analytics, Firebase Auth and Firebase Cloud Messaging. They span areas such as Analytics, Authentication, Push Notifications and Crash Reporting. The full list, grouped by category, is on this page.

What permissions does Kardia request?

Kardia requests 34 permissions. 13 of these are sensitive, such as Microphone, Find accounts on device and Connect to Bluetooth devices. Each is listed above with its platform sensitivity tier.

Is Kardia safe to use?

FlyTrap reports what an app contains, it does not issue a safety verdict. Kardia requests 34 permissions (13 sensitive) and bundles 12 third-party SDKs. Reviewing those alongside the developer helps you decide what you are comfortable granting.

What platforms is Kardia available on?

The version FlyTrap analyzed targets Android.