PSafe logo
Your IP address () and location () are vulnerable to tracking. Conceal your identity now. Install dfndr vpn.

Are Secret Keys in Google Play Still an Issue for Users?

Downloading apps from the Google Play store is not a completely risk-free situation. But are smartphone users still at risk of this particular security flaw?

It’s much easier and faster for app developers to publish an app on Google Play than on competitor’s app stores, which is why the Play store remains a popular place for the latest apps. Because of this, though, some malicious apps can get through. Thousands of users may download a malicious app before Google is able to remove it from the Play store. To ensure that your device stays protected against malicious apps, you should scan your device for malware after downloading a new app. Use Full Virus Scan to check your phone and SD card for any hidden threats:

run-security-scan
A few years ago, one of these security threats included the discovery of secret keys hidden in Android apps. This was a major issue in 2014, and it left many worried about the security of their online accounts and how safe their private information really was. In this instance, it was discovered that many apps stored secret keys (such as password and username data) in their app software, which left users’ data vulnerable. This user data could then be used to steal data from Facebook or Amazon, among other websites. The Airbnb app, for example, left users’ private information exposed, which then revealed connected services such as Google, Yahoo, or LinkedIn.

Read More: How to Change Your Default Apps on Android

Back then, Android app developers didn’t have to submit their app for review before publishing their app on Google Play. Now, app developers must have Google approve their app before it can be published. This helps to cut down on malicious and unsafe apps in the Play store — yet that doesn’t mean that the Play store is 100% secure. Hidden malware, such as the Judy malware, is being discovered all the time.

App developers have been strongly advised over the years against storing secret keys in apps because of the security risks involved to themselves and their users. Thus, this issue should no longer be a concern when using major apps downloaded from the Play store. Google has made many efforts over the years to direct developers to remove secret keys from their software. Android also has a Keystore system for developers to use to make their apps more secure for their users. This helps to prevent unauthorized individuals from accessing key data.