How to avoid reverse engineering of an APK file?

后端 未结 30 2275
醉梦人生
醉梦人生 2020-11-21 22:27

I am developing a payment processing app for Android, and I want to prevent a hacker from accessing any resources, assets or source code from the APK file.<

30条回答
  •  北荒
    北荒 (楼主)
    2020-11-21 23:03

    Nothing is secure when you put it on end-users hand but some common practice may make this harder for attacker to steal data.

    • Put your main logic (algorithms) into server side.
    • Communicate with server and client; make sure communication b/w server and client is secured via SSL or HTTPS; or use other techniques key-pair generation algorithms (ECC, RSA). Ensure that sensitive information is remain End-to-End encrypted.
    • Use sessions and expire them after specific time interval.
    • Encrypt resources and fetch them from server on demand.
    • Or you can make Hybrid app which access system via webview protect resource + code on server

    Multiple approaches; this is obvious you have to sacrifice among performance and security

提交回复
热议问题