Is it possible to secure metadata strings like Facebook application id, google maps api key etc in android?
I tried using generating strings using gradle and manifest placeholders. In all ways the key is generating via reverse engineering.
Is it possible to secure metadata strings like Facebook application id, google maps api key etc in android?
I tried using generating strings using gradle and manifest placeholders. In all ways the key is generating via reverse engineering.
3
Answers
You could encrypt them, but it does not really make sense, since the libraries do not supporting any encryption for that. You can relay on the fact that your app is signed with your key, which cannot be done by any unauthorized party.
This is also why you need to enter your signature and your package name on that sides to get an api key.
Yeah . sure.. there are tons of Encrypting techniques available . you can encrypt your metadata string with this technique in android.
Cryption In Android
In short no.
But talking about Facebook and Google’s API keys, if they are documented to be kept in the source code, you can safely keep them as per the documentation.