Im developping an android app with firebase. Im worried if some hackers can reverse engineer my app, gey my api key and look through the code to add their own code. They can then run their 'modified' app which will give them access to premium features. Is there a way to prevent this from happening?
Asked
Active
Viewed 36 times
0
-
The app shouldn't be operating directly on the database. You should have a web service that controls access to the database. – Jonathon Reinhart Mar 24 '18 at 15:38
-
With the Firebase Database you can completely secure your database by combining Firebase's client-side authentication model and its server-side security rules. Most common use-cases that you would catch in a web service, are equally possible with that combination. Have a look here: https://firebase.google.com/docs/database/security/ – Frank van Puffelen Mar 24 '18 at 15:48
-
Take a look at this: https://stackoverflow.com/questions/49283996/firebase-android-security#comment85570884_49283996 – shadowsheep Mar 24 '18 at 15:48
-
And this https://stackoverflow.com/questions/18005984/how-to-prevent-other-access-to-my-firebase – Frank van Puffelen Mar 24 '18 at 15:49