Conclusion
In this chapter we talked about how the developer of an app is ultimately the person responsible for the user’s security and privacy regardless of what third-party code ends up in your APK. To help you assume the risk with a lot more confidence, in the rest of the chapter we looked at what to look for when you’re installing a third-party SDK. We also showed how to look at the original code and what strings and functionality to search for when you’re doing your due diligence. Finally, we used Charles Proxy to see how third-party SDKs were sending back information to their web servers. The SDKs were using SSL to transmit the data, which makes the data secure and hidden away from prying eyes.
Get Bulletproof Android™: Practical Advice for Building Secure Apps now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
