I need the best way to protect my data in android app

Question

I need the best way to protect my data ,I don't want any one to arrive to the data in my app even he can get the api . I heard that any one can decompile app and take the data !! How can I protect it from app side and also from web side ?

thanx in advance.

Here are some links which help you. 1) https://developer.android.com/studio/build/shrink-code.html 2) https://www.guardsquare.com/en/proguard/manual/examples#androidapplication — Andy Developer, Dec 12 '16 at 07:09

score 3 · Answer 1 · edited Sep 23 '17 at 03:56

3

Use Proguard.

You need to remove Log messages.
Set minifyEnabled to true in your app's build.gradle file.
Set rules for obfuscation

This will shrink your code too much so that your code wouldn't be human readable. But, people can still decompile it.

Read this question, for API Keys and other private data.

edited Sep 23 '17 at 03:56

Graham

7,431
18
59
84

answered Dec 12 '16 at 07:05

rupinderjeet

2,984
30
54

I didn't understand !!u mean that this way will protect my data if any one can decompile the code?!! – alsalimi Dec 12 '16 at 07:08
The *obfuscates* code, it doesn't prevent decompilation, just makes it harder – OneCricketeer Dec 12 '16 at 07:09
I need to protect my data in app not the code !! I mean no one can steal my data >> – alsalimi Dec 12 '16 at 07:09
they wouldn't understand your code. For e.g. if you have `getStringFromFile()` method in your code, they might see it as `gsff();` which is totally unreadable. – rupinderjeet Dec 12 '16 at 07:09
What about API keys? And URL strings? Those can't be obfuscated. – OneCricketeer Dec 12 '16 at 07:10
what about apis ? if he reach to it he can get the data !! – alsalimi Dec 12 '16 at 07:11
I mean data that i get from apis not code !! I don't care about code – alsalimi Dec 12 '16 at 07:12
@cricket_007 if the code itself, classes, methods, variables are obfuscated: it will already be hard to read it. And, no one will decompile his app until its big Hit or featured – rupinderjeet Dec 12 '16 at 07:12
I'm just saying it's not impossible to get access to the code and potentially some data without additional measures like encryption. – OneCricketeer Dec 12 '16 at 07:14
edited my answer, for api keys and private data, proguard is still helpful – rupinderjeet Dec 12 '16 at 07:14

score 0 · Answer 2 · answered Dec 12 '16 at 07:16

The best way to protect your data is to only allow authenticated users access their own data and data that can't be used in a harmful way i.e. not other users data. In that way it doesn't matter if the user access the API with his/her own user credentials.

I need the best way to protect my data in android app

2 Answers2