I'm creating a restaurant app and I have 2 apps: one is a free app and the other is a paid app. The paid app can only be opened if you log in on the free app. When an user opens the free app I want to check whether the paid app is tampered with/modded.
I tried with packageInfo and PackageManager.GET_SIGNATURES, that I found on this post, to check the certificates but that always returns the same value. Is there a way I can obtain the unique fingerprint or something so that every versionCode/built has an unique value?
I know you can do a checksum on an APK file for instance but if there's no APK file to check and only the free and paid apps are installed, how would I check if it is tampered/modded?
