When trying to install a signed application (app-release.apk), a "Blocked by Play Protect" alert is shown and the app is not installed. However, an unsigned application (app-debug.apk) can be installed without problems.
The error message:
Play Protect doesn't recognise this app's developer. Apps from unknown developers can sometimes be unsafe.
Why this error happened? What's the solution?
I found the solution: Go to the link below and submit your application.
Play Protect Appeals Submission Form
After a few days, the problem will be fixed
I've found the better solution. If you want to conquer this problem you should open your play store, in menu find Play Protect
and
and uncheck Scan device for security threats.
Try to create a new key store and replace with old one, then rebuild a new signed APK.
Update: Note that if you're using a http connection with server ,you should use SSL.
Take a look at: https://developer.android.com/distribute/best-practices/develop/understand-play-policies
Google play finds you as developer via your keystore.
and maybe your country IP is banned on Google when you generate your new keystore.
change your IP Address and generate new keystore, the problem will be fixed.
if you didn't succeed, use another Gmail in Android Studio and generate new keystore.
If you are using some trackers like google analytics or amplitude and you are trying to release your app in another platforms other than Google Play, this errors appears for users. So there are two possible solutions:
- Use special trackers in your app (firebase and appmetrica are tested and are ok)
- Release your app in
Google Play
There are three options to get rid of this warning:
- You need to disable Play Protect in Play Store -> Play Protect -> Settings Icon -> Scan Device for security threats
- Publish app at Google Play Store
- Submit an Appeal to the Play Protect.
I am adding this answer for others who are still seeking a solution to this problem if you don't want to upload your app on playstore then temporarily there is a workaround for this problem.
Google is providing safety device verification api which you need to call only once in your application and after that your application will not be blocked by play protect:
Here are there the links:
https://developer.android.com/training/safetynet/attestation#verify-attestation-response
Link for sample code project:
the solution lies in creating a new key when generating the signed apk. this worked for me without a fuss.
- click on Build
- click generate signed Bundle/APK...
- choose either Bundle / APK (in my case APK) and click Next
- click on create new (make sure you have a keystore path on the machine)
- after everything, click finish to generate your signed apk
when you install, the warning will not come.
the only solution worked for me was using java keytool and generating a .keystore file the command line and then use that .keystore file to sign my app
you can find the java keytool at this directory C:\Program Files\Java\jre7\bin
open a command window and switch to that directory and enter a command like this
keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
Keytool prompts you to provide passwords for the keystore, your name , company etc . note that at the last prompt you need to enter yes.
It then generates the keystore as a file called my-release-key.keystore in the directory you're in. The keystore and key are protected by the passwords you entered. The keystore contains a single key, valid for 10000 days. The alias is a name that you — will use later, to refer to this keystore when signing your application.
For more information about Keytool, see the documentation at: http://docs.oracle.com/javase/6/docs/technotes/tools/windows/keytool.html
and for more information on signing Android apps go here: http://developer.android.com/tools/publishing/app-signing.html
Not the solution, but you can use debug key for signing release builds to avoid blocking the installation from Google Play Protect. It looks like Play Protect doesn't warn for builds signed with automatically generated debug.keystore.
Note that your debug builds are not unsigned, they are just signed with a debug key.
Of course, you cannot use the build for production distribution (Google Play, Amazon, etc.), but it's still worth for pre-production internal testing which requires a high-frequency feedback loop.
You can add a task to build release with debug.keystore by adding the configuration in build.gradle, something like:
android {
buildTypes {
// add after the `release` definition
releaseDebugKey { initWith release }
}
signingConfigs {
// use debug.keystore for releaseDebugKey builds
releaseDebugKey { initWith debug }
}
}
then execute ./gradlew assembleReleaseDebugKey to build a release build with debug key.
来源:https://stackoverflow.com/questions/51080755/installation-app-blocked-by-play-protect