0

I have signed the apk with release key and it is ready to upload on google play store.

However, I want this apk to be tested overseas by offshore team.

I wonder whether or not s/he could able to publish this apk himself/herself in his google play account. If yes, I am worried to lose ownership.

casillas
  • 14,727
  • 15
  • 94
  • 183
  • You appear to be asking questions about app piracy. See: https://stackoverflow.com/questions/9865162/how-to-secure-my-app-against-piracy and https://stackoverflow.com/questions/10585961/way-to-protect-from-lucky-patcher-play-licensing and https://stackoverflow.com/questions/13854425/how-to-avoid-reverse-engineering-of-an-apk-file – Morrison Chang Feb 20 '18 at 21:16

2 Answers2

2

Yes, he could resign it with his own key. Signing is just a way of proving who published a file, it does not encrypt it in any way.

Gabe Sechan
  • 77,740
  • 9
  • 79
  • 113
  • Then s/he can claim this app belong to her if s/he publishes the app? By the way, is it possible to resign the signed apk? Do not you believe that it should be protected or requires some verification before apk is placed on the Google play store? – casillas Feb 20 '18 at 21:08
  • What is the best way of passing the apk to tester to make sure that s/he cannot able to publish by himself/herself? – casillas Feb 20 '18 at 21:11
  • use closed alpha beta testing – Vamsi Smart Feb 20 '18 at 21:15
  • A good lawyer. There is no technological method that can prevent someone from republishing an APK. And resigning is trivial- the same command that signs it will resign it. Signing is a method of proof of identity, its not a drm system. – Gabe Sechan Feb 20 '18 at 21:40
2

If you publish the app yourself to a closed alpha channel, then no-one can publish an app with the same package name on Google Play. Publishing to alpha is a good idea anyway

  • it doesn't affect the "new apps" for top chart
  • you will get a "Pre launch report" where Google Play automatically tests it for you
  • it lets you try out things like in-app-products work properly before you launch

Gabe is right than only a lawyer can stop your testers re-packaging and re-signing. But having previously uploaded the app to Play will make it a little bit hard for them to do it, and make sure you can keep the package name.

Nick Fortescue
  • 12,169
  • 1
  • 27
  • 37