Faced this problem when developing two applications. The first application uses the sending of e-mail messages and must store the credentials for logging into the smtp-server. There is a danger of decompiling apk and getting access data by third parties. In the second application, it is still more serious: the program rewards the user with bitcoins and must keep the access data to the bitcoin wallet. Using the obfuscator Proguard does not solve the problem, but only slightly complicates the process of analyzing the code. How to solve this problem? There is no possibility of using the server.
- Android keystore system? - pavlofff
- @pavlofff, interesting option, thanks. We have never used the keystore for such purposes, do not tell me how to save the necessary keys into it? - SolderingIronMen
|