Amazon advises Android developers on how to protect code

Amazon Appstore for Android developers should consider obfuscating their code if they are concerned about their applications being reverse engineered, the company said yesterday.

Obfuscating the code modifies the source and machine code to be difficult for a human to understand if the app gets decompiled, according to Amazon.

For Android apps, Proguard is a code obfuscation tool that is provided to developers once they download the SDK (software development kit). The program shrinks, optimises, and obfuscates the source code, Amazon said.

Besides obfuscating the code, Proguard also reduces file sizes and boosts the run-time performance of the code.

But Amazon also has a caveat for developers whose applications include in-app purchasing, allowing users to buy digital content and subscriptions - such as in-game currency, expansion packs, upgrades, and magazine issues - within apps. If in-app purchasing is available all of the code cannot be obfuscated. Amazon Appstore relies on certain methods being available to call and provide developers with information about a purchase request. If these methods get obfuscated and renamed, the Appstore will not be able to send the information, according to the blog post.

To avoid the latter, developers have to add a few lines of code to ensure the in-app functionality is preserved, the blog post said.

Amazon's introduction of an in-app purchasing API earlier this month highlights how important it has become, and there is a reason for that.

In-app purchases now account for 60% of revenue among the 200 highest-grossing applications for Apple and Android, according to a recent survey conducted by market research company CCS Insight and Distimo, which has specialized in app store market analytics.