Campbell avatar image
Campbell asked

DexGuard tamper detection

We have DexGuard tamper detection enabled in our app. Amazon's re-signing / code injection triggers this and will stop the app from running. The suggestion from Amazon was to upload a version without the tamper detection, then download the app after re-signing / code injection and apply our tamper detection to that binary.

However, that's not possible, because tamper detection is done at a code level and the whole app would need to be rebuilt to enable it (which destroys Amazon's signature etc.)

Is there any way that we can get our app onto the Amazon app store as-is, without any re-signing or code injection?

(nb: I'm posting this question from my personal account - the app is managed from a different, corporate account)

fire tabletapp submission and updatesandroid
1 comment
10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Campbell avatar image Campbell commented ·

Any suggestions? Our clients are very security-conscious, so would rather remove the apps from the Amazon app store than go without tamper detection.


0 Likes 0 ·

1 Answer

Levon@Amazon avatar image
Levon@Amazon answered

Hi there,

Thanks for posting! I believe we replied to your Contact Us case. Amazon always re-signs your binary, either before you sign it yourself, or after. Regrettably, there is no way to submit an app without Amazon also signing it.

Please note that Amazon DRM is an option, that would prevent users from running your application on a different device / account. That's obviously different from tampering, but you might want to consider that. ProGuard can also be used for obfuscation. Finally, DexGuard can be configured slightly differently for Amazon builds, by skipping tamper protection, but adding other sorts of obfuscation. Please see a longer conversation here:

10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.