This question already has answers here:
Closed 3 years ago.
I develop Android app and some of the codes are very private and confidential. I make encryption algorithm into my code to increase the safety.
But recently I read, when people having an .apk file, they can extract the java source code with 100% correct Source.
Not just that, people also can get .apk from Google Play Store Source
Does it means people who has my .apk can view all my source code(java, .xml layout, library)? If yes, all my hard work to have a secure app is not achieved.
Yes,hopefully There is a way of preventing other from getting your hard labor projects full source code
.
Enable ProGuard
for your android application. ant
will call ProGuard
to obfuscate your code.
Your code will be than shrinked as much as possible.Many functions and variables name will be replaced with shrinked form that nobody can decode or understand at all :)
More details are here: https://developer.android.com/studio/build/shrink-code.html
Note that enabling ProGuard takes build time much more than normal build time.So better to do it before release of your app.
The process is called Android Reverse Engeneering. As @ash12 said , you can use ProGuard to obfuscate your source code. But then it will be a serious security-compromise if u store your app credentials like api tokens ,passwords etc.. in the source.
Also You could take a look at DexGuard , which is the commercial variant of ProGuard. It allows you to also encrypt the layout files and obfuscate the content of the manifest and other resource files (together with many other things).