google

change apk verion code (work in progress)

disclaimer: this is neither a supported guide nor allowed, i’m not suitable for any loss

issue

we want to republish the old app with a new version, e.g. an app got accidentally updated from playstore and isn’t working anymore – this was raised in a business case since google’s auto block update feature failed – more or less a challange to find a way to get it back working, let’s begin

the app

coose your desired app, in this example Avaya Workplace app available from Google PlayStore in version: 3.14.0.53.FA-RELEASE54-BUILD.19

we need to get the apk file of that app, extract/download with one of the service below

OnDevice Apk Extractor

Online apkpure

decompile

use apktool to reverse engineer the apk, extract and decode the resources to nearly original format, download required jre for java here

change verison

to change the version of the app, edit the apktool.yml in the extracted path, raise the “versionCode” as well the “versionName” above the last/current release

build

after the change we need to rebuild the decompiled and edited apk

apktool build $OUTPUT_FOLDER

sign and align

there is a tool Uber Apk Signer that helps signing, zip aligning and verifying Android application packages (APKs), you need a keystore generated with Android Studio or keytool

java -jar c:\temp\uber-apk-signer.jar -a "C:\temp\avaya.3.14_neu.apk" --ks /path/release.jks --ksAlias my_alias

test

App info 
App name 
App version 
APK name 
Installation source 
Installation time 
Last update source 
Last update time 
Avaya Workplace 
3.14.0.54. FA-RE 
LEASE54-BUlLD. 
19 
com.avaya.android.flare 
Package installer 
2021/01/05 1 
Package installer 
2021/01/05 1

install successfully, the newly installed version is above the original 3.14.x, deploy the app to the required devices, either manually, via EMM system or solutions like Samsung KNOX Configure

update is not possible, wenn try to install the app over an existing one – it fails – since the signature differs from orginal signed app to resigned version

reference “with a changed signature they will have to uninstall the current app before they can install the same app with the new signature”

Summary: Always use the same signature!

Check: http://developer.android.com/tools/publishing/app-signing.html

summary

… so walked amost the entire way, but got stuck at a crutial point, so either

  • got assistance to get the signature working
  • the signing process is as secure as google promise

general

ai to secure appstore

google created a news technique to prevent “bad” apps to be published via play store @engadget

the company took down over 700,000 apps that violated play stores policies last year (a 70 percent increase over 2016)

 

google_play_protect

google play protect is already a service to protect android, it is built into every device with google play

apple user are save as well, if they use the apple appstore, there are also just scanned apps approved

google‘s last years app store growth or enterprise protection services @appstore recap