PiracyChecker

Additional

Language
Java
Version
1.2.4 (Sep 28, 2018)
Created
May 26, 2016
Updated
Sep 28, 2018
Owner
Javier Santos (javiersantos)
Contributors
pylerSM
Javier Santos (javiersantos)
deletescape
nicholaschum
jahirfiquitiva
JonathanPrecise
Jasi2169
7
Activity
Badge
Generate
Download
Source code
APK file

Blurb

PiracyChecker

Android Library

An Android library that prevents your app from being pirated / cracked using Google Play Licensing (LVL), APK signature protection and more.

Co-Author: Jahir Fiquitiva Owner & Author: Javier Santos

Disclaimer

This library applies some techniques to help protect your app's users and attempt to thwart reverse engineers and attackers. BUT, this isn't guaranteed to stop your app from getting pirated. There is no such thing as 100% security, and a determined and skilled attacker with enough time, could remove these checks from the code. The real objective here is to raise the bar out of reach of opportunist and automatic attackers.

Some of the techniques included in this library can be found here.

How to include

Add the repository to your project build.gradle:

repositories {
    maven {
        url "https://jitpack.io"
    }
}

And add the library to your module build.gradle:

dependencies {
    implementation 'com.github.javiersantos:PiracyChecker:1.2.4'
}

Recommendations

  • Always enable ProGuard in your production release. Always, without exceptions.
  • PiracyChecker should be included in your onCreate method in order to check for a valid license as soon as possible.
  • It's recommended to show a new Activity instead of a Dialog when the license is not valid. This way you make sure that the main activity of the app is finished. See "Display results in a Dialog or a new Activity".
  • Don't forget to enable ProGuard ;)

Usage

Verify Google Play Licensing (LVL)

Google Play offers a licensing service that lets you enforce licensing policies for applications that you publish on Google Play. With Google Play Licensing, your application can query Google Play to obtain the licensing status for the current user.

Any application that you publish through Google Play can use the Google Play Licensing service. No special account or registration is needed.

For more information check out the Google Developers page.

piracyChecker {
 enableGooglePlayLicensing("BASE_64_LICENSE_KEY")
 ...
}.start()
Java Sample
new PiracyChecker(this)
 .enableGooglePlayLicensing("BASE_64_LICENSE_KEY")
 ...
 .start();

In order to retrieve your BASE64 license key your app must be uploaded to the Google Play Developer Console. Then access to your app -> Services and APIs.

When using Google Play Licensing your should call .destroy() in the onDestroy() method of your Activity to avoid multiple instances of the service running. Have a look to the Wiki for a sample Activity with

destroy().



Java Sample
new PiracyChecker(this)
 .enableSigningCertificate("478yYkKAQF+KST8y4ATKvHkYibo=") // The original APK signature for the PRODUCTION version
 ...
 .start();

Don't use this method when using Google Play App Signing since Google removes the original signature and add another one, so this method will fail.

BE CAREFUL!! Your app signature can be retrieved using a PiracyCheckerUtils method. Make sure that you have signed your APK using your PRODUCTION keystore (not using the DEBUG one) and installed the version that you plan to distribute. Then copy the signature returned by this method on the console and paste in enableSigningCertificate("YOUR_APK_SIGNATURE")// This method will print your app signature in the console Log.e("SIGNATURE", apkSignature)
Java Sample// This method will print your app signature in the consoleLog.e("SIGNATURE", LibraryUtilsKt.getApkSignature(this));