Protection for Android APK

 

1. Requirements

Android AppSealing supports APK with the following specifications.

  • Unity version: 4.6 or later
  • Unreal Engine installed: version 4.1 or later
  • Visual Studio installed: version 2015 or later
  • Android SDK: API 8 or later / Android SDK build-tools revision 19.1 or later
  • Maximum APK file size: 250MB
    • If your APK exceeds 250MB, you can contact us to support an Enterprise tier plan.

2. Sealing

2.1 Uploading APK file

Uploading the APK file to the AppSealing server will automatically implement the AppSealing security module inside the APK file.

Just upload the APK built from Unity to the ADC for full protection.

 

     1. Log into ADC and go to the Sealing page. (Fig.1)

andorid_ss1_en.png

(Fig.1)

 

     2. Configure sealing options

  • Sealing Mode
    • Test Mode: For testing before uploading for Release Mode.
    • Release Mode: For market release purposes.
  • DEX Encryption
    • Protects JAVA code by encrypting multiple DEX files.
  • Rooting
    • Blocks or allows rooted devices from running the application.
  • Emulators
    • Blocks or allows Bluestacks and Nox from running the application. 
  • Macro tools
    • Block or allows the installation of macro tools at 2.16.0.0+ versions.
  • Packet attacks
    • Block or allows the installation of packet attack tools at 2.16.0.0+ versions.

 

     3. Upload your apk.

     4. Click the 'Seal The File' button to Seal.

 

2.2 Downloading Sealed APK file

The sealing process can vary in time depending on the APK file size. You’ll be noticed through your email on the Sealing result.

  1.  Go to Sealing History below the Sealing page once the Sealing has been completed. (Fig.2)

(Fig.2)

    2. The download button is activated when the APK file has been Sealed.

    3. Now you can download the Sealed APK and install it on a device.

NOTE:

The Sealing server breaks the Keystore signing during the Sealing process. Keystore signing must be done after Sealing in order to release and install & launch the APK file.
Zipalign must be done in order to upload the APK to Google Play.

 

3. Zipalign and Keystore re-signing

Applying AppSealing will disable apk`s certificate. For seamless integration, AppSealing supports Keystore management and automated signing apk & aab file after applying AppSealing.

You can see the below pop-up window when you try to download the app from the web console. 

download_popup.png

<You can download the app with automatic signing with your keystore>

If you don't want to upload Keystore to the AppSealing console, then you need to consider adding zipalign & signing steps to your build pipeline.

3.1 Apply zipalign

zipalign -p -f -v 4 [APK_FILE] [ZIPALIGNED_OUTPUT_APK_FILE]

Zipalign must be applied before signing the apk.

3.2 Sign your apk with ApkSigner

apksigner sign --ks [KEY_STORE_FILE] --ks-key-alias [ALIAS] [APK_FILE]

3.3 References

Was this article helpful?
0 out of 0 found this helpful
comment section

0 Comments

Article is closed for comments.