Protecting the APK

Hey guys

Does anyone have some advice on how to protect the APK/source code? Is it easy? Any other tips on what to do to reduce the cloning of the app (for example some easy authentication on a central server, etc)?

I was not planning to protect my game, but if the effort needed isnt big, why not…

Proguard maybe?

Is it enough? What does it do, scramble the compiled jar?

It changes classes like com.company.MyClass into a.b.c so resulting code is less-readable. Anyway with some efforts you can still do reverse-enginieering. If you are worried about ppl that download your game from sites like apkmania then proguard changes nothing alone, cos it’s tool againt reverse-enigneering and for shrinking. If you want to protect your game you may use google licensing, it requires validation of game via google servers to check if user paid for your game, so if he don’t have internet connection or didn’t buy game he cannot use it, BUT your .apk may be reverse-engineered and hax0r may remove your licensing code from .apk (here proguard may give some advance). Also mixing your code with native C code may make it harder to crack. One more option from google is licensing via Play/ Game services when you implement multiplayer in your game via this service.

Proguard doesnt help much.
U can read this article here: Five Commonly Used APK Protect Methods - xda-developers
And finally check out this link: APK Protect-- Android APK Secure Protecting/Pack/Lock

I didn’t try it yet but the functionality seems good.

My idea is to protect the source only to avoid people duplicating my games to bundle some of their spamware/etc. My games are free, so I dont care if someone simply copies the APK unchanged to some other website (in fact I hope they do it lol).

Well, in fact I dont care much, if someone is duplicating my game it means its very popular (which isnt the case). But if its very easy/simple to do I might do it. I will try using Proguard initially, thanks!

If anyone personally used another solution for their app, please post your ideas/results here.

One of my apps secured with proguard has been cracked. Now Im thinking of buying an obfuscator like allatori or DashO they are the best

Java Source Protector may be the best soultion for you.
It’s free on Google store:https://play.google.com/store/apps/details?id=com.tth.JavaProtector

  • It obfuscated source code (java file), add checker to detect any change of resource strings (xml file).
  • It doesn’t like Proguard, It supports many different options. It creates a new project source code from the original project. Same features, but the source code (in java file) was obfuscated completely

Do you know the best way to encrypt data? Either strings in the application or XML?

This App (Java source protector) can do what you want:

  • Encrypt all string in application
  • For XML String, it can detect and stop your app if XML string resource has been changed

My thought is to secure the source just to dodge individuals copying my amusements to package some of their spamware/and so on. My amusements are free, so I dont mind in the event that somebody essentially duplicates the APK unaltered to some other site (in truth I trust they do it lol).

All things considered, in certainty I dont mind much, on the off chance that somebody is copying my diversion it implies its exceptionally prevalent. Be that as it may, if its simple/easy to do I may do it. I will take a stab at utilizing Proguard at first, much appreciated!

In the event that anybody by and by utilized another answer for their application, please post your thoughts/comes about here.

It changes classes like com.company.MyClass into a.b.c so coming about code is less-lucid. In any case with a few endeavors you can even now do turn around enginieering. On the off chance that you are stressed over ppl that download your amusement from locales like apkmania then proguard changes nothing alone, cos it’s device againt turn around enigneering and for contracting. On the off chance that you need to ensure your amusement you may utilize google authorizing, it requires approval of diversion by means of google servers to check if client paid for your diversion, so on the off chance that he don’t have web association or didn’t purchase amusement he can’t utilize it, BUT your .apk might be figured out and hax0r may expel your permitting code from .apk (here proguard may give some progress). Likewise blending your code with local C code may make it harder to break. One more alternative from google is authorizing by means of Play/Game administrations when you execute multiplayer in your amusement by means of this administration.

It changes classes like com.company.MyClass into a.b.c so coming about code is less-decipherable. In any case with a few endeavors you can even now do turn around enginieering. On the off chance that you are agonized over ppl that download your amusement from locales like apkmania then proguard changes nothing alone, cos it’s apparatus againt switch enigneering and for contracting. In the event that you need to secure your diversion you may utilize google permitting, it requires approval of amusement by means of google servers to check if client paid for your amusement, so on the off chance that he don’t have web association or didn’t purchase amusement he can’t utilize it, BUT your .apk might be figured out and hax0r may expel your authorizing code from .apk (here proguard may give some progress). Likewise blending your code with local C code may make it harder to break. One more alternative from google is permitting by means of Play/Game administrations when you execute multiplayer in your amusement by means of this administration.

LOGO-FULL-300x300.jpg

Hi guys. If you are looking for some app protection, please check out Appwatermark project. It is a side project of Addvertize network and it will be launched soon.

Basically it will give you a protection from:

-reverse engineering
-ads/in-app billing etc removal
-any kind of injections or manipulations with source code

No coding required, just an APK file and couple of minutes are needed

the best part here is that it will be affordable for indie developers, not to say about several free “welcome” integrations :slight_smile:

Optimizing and obfuscating the code with ProGuard