0

I am using Eclipse and Android Studio IDE for Android development. I have a problem on securing data that I hard-coded like public-key, authentication id etc.. in constant or XML file. How to avoid reverse engineering these values from apk?

I have gone through this link How to avoid reverse engineering of an APK file? but I don't know how to do C/C++ library and add them into Android Studio. How can I attain this and is there any tutorial for it?

halfer
  • 19,824
  • 17
  • 99
  • 186
Sampath Kumar
  • 4,433
  • 2
  • 27
  • 42
  • I guess you should first learn about JNI. http://en.wikipedia.org/wiki/Java_Native_Interface – Christian Hackl Aug 06 '14 at 17:25
  • Rewriting your logic in C++ will not make it secure. You can keep the valuable data encrypted with pure Java app, too. You should use some obfuscation tool for your Java, some are better than others. If you want to reach a reasonable level of security, I would strongly advise to hire a specialist. He/she does not need to rewrite or even to understand all your app to fix the critical security issues. – Alex Cohn Aug 06 '14 at 20:23
  • @Alex Cohn : Can you guide some obfuscation tool for me? – Sampath Kumar Aug 07 '14 at 13:37
  • ProGuard is a good beginning. But it is not perfect, and it does not resolve the problem of securing keys and other valuable data. There is no decent solution which you can come up with alone, without significant (payed) help of a specialist (_disclosure_: I am not one of them). – Alex Cohn Aug 07 '14 at 18:53

0 Answers0