Current Downsides of Using Code Transparency (Up-until Android 13)
Everything has some limitations and similarly does Code Transparency, we will now discuss them:
- Apps that include the sharedUserId manifest property:
It is challenging to guarantee that such programs are executing the code they claim to be, as they may share their process with other applications. - The code transparency verification will not work for apps that use anti-tamper protection or any other service that modifies the source code after the code transparency file is generated.
- Applications that use feature modules and older Multidex on API levels lower than 21 (Android 5.0). On Android 5.0+ devices, when the program is installed using Google Play, code transparency will still function.
- Older OS versions will not support code transparency.
GeekTip: Code transparency verification is only used by developers and end users to check that the code they are executing is the same as the code that was created and signed by the app developer.
Code Transparency For App Bundles in Android 13
Before shipping any new apps, you may want to have a better understanding of how things will work if you can have better code transparency to deliver your app bundles to the user. Perhaps a better signing mechanism or something like that in place. For apps released using the Android App Bundle, code transparency is an optional code signing and verification approach. It makes use of a signing key for code transparency that is only owned by the app developer. You can sign in your code with the native method which is built into the Android Studio, or you may alternatively enroll yourself in Google Play Signing, but altogether, you need to sign up your app before it gets to the public, and for that Android 13 can help you by adding more transparency. In this Geeks for Geeks article we will learn how you can adopt this new mechanism.
Contact Us