stackoom
  简体   繁体   中英

Disable taking apk file from an installed android application

 原文  2013-10-08 09:21:27       java/ android/ google-play

Question

Usually it is possible to take .apk file of an android application even after it is installed in a device. But I could find some applications, which are protected from taking their .apk files.

As it is also possible to extract code from the .apk file, I think the developers code is not safe. Can anybody tell me how can I prevent a third party from taking .apk file of my android application?

Thanks in advance.. :)

2 answers

solution1
 0  2013-10-08 09:38:37

As for not having the possibility to take the APK, I don't think you can really prevent it since eventually it is only a file located somewhere in the internal storage. As long as the user has enough permissions he can extract it.

Protecting the code. There are several levels of protection but eventually, you cannot prevent it If you do nothing, the reverse engineering of the code is pretty simple. There are several tools to obtain some level of security. For example, ProGuard , which is a Google's tool which already built in in most Android IDEs.

An excellent SO post for code protection: How to avoid reverse engineering of an APK file?

solution2
 0  2014-05-13 06:11:00

I was investigating this issue and thought I will update here. It is recommended for security reasons that you set this in your android manifest file:

android:allowBackup="false"

So, if somebody tries to do a full adb system backup or uses it to backup your app in particular, it won't come in the backup, thus preventing them to extract the apk from there. I tested this and it works, ie the adb backup didn't allow backup of my sample app.

Then I installed an app for taking app backups (ES File explorer), and unfortunately, it allowed the .apk backup to be taken for my sample app where backup was disabled. And this was an unrooted device. This seems to indicate that setting this property in manifest doesn't prevent other apps to take backups.

So there are few options left:

  1. Use proguard and other best practices to make it difficult to reverse engineer your apps.
  2. Use app licensing keys provided as a service by Google Play to avoid piracy of your app.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Android Studio: The application installed from Run 'app' and application installed from build/outputs/apk/debug/app-debug.apk are different How to generate an apk file from Android Application programmatically? Android open file from my application into suitable application installed error Run the Android Application on any phone with the .apk file App not installed! Error while installing apk from android studio build “App not installed” on device error from debug apk, “File appears to be corrupt” Android APK cannot be installed on device Android: .java files readable from .apk file? Generating android apk file from java commands Get Android Studio Project from APK file
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM