October 1, 2019

19:52

Just came accross a banking app that is delivered as a split APK. Seriously?! Shit for brains? Slept through cryptography 101?

If your app must communicate over an encrypted channel, then you must NOT use the split APK format. The very fact that Play asks you for your signing (=private) key should ring a bell.