Check if Android application is yours or it is decompiled fake

Question

Is there any way, to check on server if this is my application sending data or it's someone's who decompiled my app? Note that both my and fake apps may be downloaded by user from Google Play. I have only one idea - in Google Play you cant post two applications with the same package names, so maybe I can send package name to server or something like this.

Answer 1

It can't be done without some help from OS - because an app would not know whether it was modified (the modification check itself can be hacked).

The ways I'd go would be the following:

1. Excercise the options Google Play Store gives you - license check and app encryption
2. Add some auth data to the application itself and verify it on the server (some encryption key). The data should change with each version
3. Accept only 2-5 last versions (for people who haven't yet updated)

This way, any pirated version will be valid for only a week or so... And for someone wanting to use the app constantly it will be easier to buy it, than re-download it every 1-2 weeks.

It won't protect you completely, but will make thievery time-consuming and hardly worth it given the option to buy the app. Enough to convince the users who would have bought the app to buy it. Those who pirate things out of principle can not be converted in any case...

Answer 2

there are some points which can make your code and application more safer.

use proguard(see on android devlopment site) it offuscates(other words makes it messy at compile time) your code.

secondly you could use encryption and decryption send some secret key encrypted