If the signatures of both APK files match, APKMirror or other similar sites also publish that app on their platform as well.Ĭonfused? Don’t worry, I’ll walk you through the exact procedure of manually verifying APKs utilizing their cryptographic signatures, so you will understand exactly what I mean.ĭespite the fact that APKMirror is safe but since it doesn’t perform the full verification process as Google Play Store and allows anyone to submit an APK, it’s not as safe as Play Store. Here’s how most APK sites (maybe including APKMirror) verify the APKs before publishing.īased on my research, they usually verify the signatures of submitted APKs by downloading that exact app from the Play Store, extracting its APK file, and trying to match the signatures of both APK files (the submitted APK and the other one extracted from the Play Store). However, APKMirror will verify that APK file before publishing. In contrast, anyone can submit an APK to APKMirror whether it’s the real developer of the app or someone else. Moreover, only the developers of the app can submit their applications to Google Play Store.
If they are unable to verify the legitimacy of the newly submitted app or its new version then APKMirror will simply not publish it.įurthermore, APKMirror is owned and managed by the same team that administers Android Police which means you’re in safe hands. If not, it means the APKs are modified by someone pretending to be the real developer of the app.Īnd when adding a new version of existing published apps, APKMirror matches cryptographic signatures of new versions with previously published apps to ensure that the new version is also signed by the true developers. If the signatures match, it means the same key was used to sign a previously known legit app, therefore validating the new upload. That’s why APKMirror verifies the newly submitted apps as well as when adding new versions of already published apps using their cryptographic signatures to make sure the provided APKs are safe to download.įor newly submitted apps, APKMirror tries to match the cryptographic signatures to other existing applications by the same developer.
In case you don’t know, the cryptographic signature of the app is a specific key signed by the real developers which help in identifying the file integrity. APKMirror is safe for downloading apps as it verifies each application’s cryptographic signatures before publishing to ensure the APK file has not been altered in any way.
0 kommentar(er)
