Solution 1:

Taking into consideration that my application targets Android 4.0 (API 14) and above, is the android.os.Build.SERIAL number for the android devices unique for each device ?

According to this useful article in the Android Developers blog, android.os.Build.SERIAL should be unique if it is available. From the article:

Devices without telephony are required to report a unique device ID here; some phones may do so also.

Does this mean that the serial number might not be available ?

Correct, it may not be available. Notice that they say "Devices without telephony are required...", so only devices without "telephony" (like wifi only tablets) are required to supply a SERIAL number, although some phones still do (like the Nexus 4).

Documentation is definitely lacking on this topic, but from the wording it's possible that only "devices without telephony" are required to submit a unique ID, while phones that do submit one might not be unique.

What could be another alternative that meets the conditions mentioned above ?

For your situation I think your best bet is to first check for a deviceId (IMEI, or what not) and if deviceId doesn't exist then you fallback to using android.os.Build.SERIAL (since this is probably a tablet) like so:

public static String getDeviceId(Context context) {
    final String deviceId = ((TelephonyManager) context.getSystemService(Context.TELEPHONY_SERVICE)).getDeviceId();
    if (deviceId != null) {
        return deviceId;
    } else {
        return android.os.Build.SERIAL;
    }
}

Keep in mind to use deviceId you need the permission android.permission.READ_PHONE_STATE.

So since your app's minSDK is 14, you can safely use the field android.os.Build.SERIAL. And if we assume that devices without telephony truly do always provide unique ids in SERIAL then I think this would be a safe bet on always getting a unique device id (bar any bugs of course).

Solution 2:

I personally use Secure.ANDROID_ID & Build.SERIAL to identify a phone:

androidId = Settings.Secure.getString(this.getContentResolver(), 
                Settings.Secure.ANDROID_ID) + Build.SERIAL;

They may have the same ANDROID_ID, they may not have a SERIAL. But the chance of both is low.

Solution 3:

You appear to have summarized the situation pretty well.

The serial number is intended to be unique for each device, but (this being Android) there are of course bugs that create exceptions, e.g. https://code.google.com/p/android/issues/detail?id=35193

As you point out, the docs suggest that this is intended to be a hardware serial number, but the way it is worded suggests that you shouldn't count on that. And don't mistake that for the device's actual serial number, i.e. the serial number printed on the back or on the box. As well, I believe it is much less widely used than android_id, so there could well be issues that are not reported.

I've seen it widely reported that the android_id is based on the serial number, but I believe that is not true - I recently observed that, on a tablet with the new multi-user capability, each user account gets its own android_id but the serial number is the same for both.

AFAIK 'another alternative' does not exist: your list is complete. The serial number is the closest thing to what you are after unless you are prepared to depend on wifi or bluetooth permissions.