I have already published android app on Google Play. It is desired to distribute the application even offline as .apk file directly. My app is completely free and we wish it should spread to as many people.
I am not sure what could be advantages and disadvantages of providing .apk file?
Questions are :
Will Google play count direct .apk installation as a download, when connected to internet ?
Will users with direct .apk installation get any update published later ?
To answer your questions:
Yes, you will get a download prompt if you click on an .apk in Android. When you go to open the completed download, it will offer it up for install (see caveats below)
If you offer your .apk up for direct download outside of Google Play you get no "update checking" -- you have to do that yourself. Not entirely sure what happens if the .apk is available in the play store and via direct download.
It is easier to talk about the disadvantages for the approach of distributing the .apk yourself.
You have to do all the tracking yourself, if you publish to the play store you get some statistics
Similarly, you have to do all "update checking" on your own (either via writing it in your app or some other way.)
No secure way of distributing your application. The built in Android browser does not support downloads over HTTPS streams that require authentication **
Easier for users to get the source code of your app. They can download the .apk from your site, open it in 7zip (or similar) and have at the underlying class files. Whether or not this is a concern is really for you to decide.
The most important reason
Your users will have to check "Allow installation of packages from unknown sources". Your average person might not know how to do this, and may be hesitant to do so. So, it may limit your ability to gain a a wide market share.
So, in summary, ask yourself if not being in Google Play/Android Market is really worth the hassle that comes for both you and your users.
** Not sure if this is true with Chrome on Android -- it is certainly true with the older default browser
Google play collects statistics of Apps only installed through Play Store , with a Google account logged in. Read Documentation on App statistics.
Newer version of Play Store app can auto detect if any of installed app is also available on play store, and will notify for the update.
Also, there are numerous third party app markets other than Play Store. You can upload your app there too (auto update is not available with all of them).
Seems no, correct me if I am wrong :)
Yes, provided that the package name is the same and the version code of the apk file you've uploaded to google play is larger than the one installed in the device.
Related
When the play protect says "it do not recognize the developer" when installing the application it means it has not seen the signature used in the application before in any play store application right?
But I have a question, we all have seen certain apps that are not in the play store but we use them now and then.
For example, we have the Fortnite mobile app, I looked into the web about the reason why it's not in the play store and there I found that they distribute the apk from their website directly because they do not want to pay google play the 30% of the in game purchase ammount that they charge from every application for advertising the application and distribution of the app.
There is also the F-Droid application that lets you download other open-source applications which are not available on the play store.
And many others like AdAway, Lawnchair, Venced Manager etc.
There are also modded applications of Prime Videos, Netflix, Spotify and completely separate apps like HotFlix, TeaTv etc. similar to them.
When we install these apps from outside the play store we don't get any error saying "Play protect doesn't recognise this app's developer, apps from unknown developers may be harmful".
So my question is do they use any signature that is for general use which is also known to google play protect like those open-source licenses we see in github while creating a new repo? or do they all have uploaded their apps in the play store and got banned, denied their policies, or something else?
I am asking this question because I could not find a satisfactory answer anywhere and nobody writes about it anywhere, if there are any mod creators reading this then they can help me out too 😉.
Note: Turning the play protect off is not a solution and I don't do that while installing other apps mentioned above so don't reply with that 😊.
When you release a signed .aab file to Google Play then it will be from a signed Google Partner, (I think that is what it is called). If you download an app that has not been cataloged as an Approved Signature with Google Play, then it is considered side loading.
Side loading is basically installing and .aab or .apk file that has not been verified by Google. So when you side load (install app away from Play Store) Google doesn't recognize the signature. So therefore it says this app is from an untrusted source.
So basically it boils down to whether or not Google has reviewed and approved the signature. This just a security measure that Google puts in place so that it categorized the signature as trusted or not trusted.
It's the same with desktop applications. If it doesn't have a certificate then it's from an unknown publisher.
So with Fortnite the reason why it's not on the Google Play store is because of Google Policy violations with Epic Gaming. So since they would not correct the violation of policy they were removed. So now Fortnite has an .apk file that will run on Android but it is no longer an approved signature in the Google Play database.
That's why Fortnite says it's an untrusted or unrecognizable signature. So it boils down to whether a signature has been added to the database.
You can go into developer mode on your phone and turn on the side loading option and you won't get that message.
Several years ago, Android allowed you to set a permission that lets you install apps from a third party location other than Google's own app store Google Play. Eventually they deprecated that permission and only allowed hardware manufacturers to set that permission. I haven't checked since then whether that is still the case.
What I am wondering though is how I would handle a situation where a company wants to install an APK file on to their own devices but not host the APK file in Google Play. How would they provision this?
Android does allow users to install APK files on to their devices that don't come from Google Play, although that feature has to be enabled. Can that feature be enabled programmatically?
The solution that I can think of to installing company apps is to upload an installer app to Google Play that has been developed specifically by the company and used only for the company, even if it's available to everyone in Google Play. Employees would install this app as they do any app from Google Play. When this installer runs, it would prompt for a username/password. Upon authentication, the app would retrieve the company's apps from its own server and install them.
Is this the solution enterprises are currently using or is there something built into Jelly Bean / KitKat / Lollipop that provides provisioning?
EDIT:
Google states on their Android site:
The application is installed on users' devices. Android does not
currently have an automated provisioning solution. Some of the ways a
sysadmin might distribute the application to users are as follows:
Google Play. Enabling installation from another store. Distributing
the application through other means, such as email or websites.
http://developer.android.com/guide/topics/admin/device-admin.html
Aside from those suggestions, they don't offer anything else. Those solutions wouldn't be acceptable in many organizations.
The solution that I can think of to installing company apps is to upload an installer app to Google Play that has been developed specifically by the company and used only for the company, even if it's available to everyone in Google Play.
I'm pretty certain that only the Play Store app has the authority/permissions to programmatically install apps. Those permissions are not available externally to third-party apps. It would be a lot easier to use one of the following options and simply let the OS handle the installation process.
For enterprise apps, the APK file can be
hosted on a public URL. When downloaded, it installs automatically on the user's phone.
sent as an email attachment. Again, when downloaded, it installs automatically on the user's phone.
In both these cases, the user is asked whether they would like to install an APK that originates from a third-party source.
Also, it is not possible to programmatically change the permission for installing third-party apps. That choice has to be made by the user, and the user is confronted with that choice when they access an APK file in the two ways described above.
There is one more option - using Google Play's private channel:
1. Distribute Android apps in your organization.
2. Use a Private Channel to distribute apps in your organization.
3. Deploy app through Google Play Store in a private channel without Google Apps?.
Is it possible for an android application to act as a custom market place?
The imagined behavior of the app:
Download XYZ app from the built in Google Play Store
Opening XYZ app yields a UI similar to that seen in the Play Store
The user can navigate through XYZ app and select a custom app supported by XYZ to install on their phone
This custom app would not be located on the Play Store and the .apk would be directly installed from the context of the XYZ app/marketplace to the users phone
I did some research and found alternative Android App Stores such as:
Amazon App Store for Android
GetJar
SLideMe
F-Droid
But is it possible to have an alternative marketplace like this that can be accessed from an app that was downloaded from the Google Play Store? Does google allow this type of practice?
So I suppose the heart of my questions is: Is it possible to create an android application that has permissions to install other 3rd party applications directly to a users phone? (without needing to leverage the Play Store or needing to jailbreak the phone)
Thanks in advance for the answers and insights! And please let me know if anything I'm saying doesn't make sense.
(Extra Credit: I would also be curious to learn about the feasibility of doing this with an iOS app as well)
To add to the other answers, you will have problems with some of Google Play's rules. AFAIK they don't allow your app to direct users to a different store. So you won't be able to keep your app on Google Play store in that case.
EDIT
It is not in the Terms and Conditions, as confirmed by #Cumulo Nimbus.
It is in clause 4.5 of the Developer Distribution Agreement:
4.5 Non-Compete. You may not use the Market to distribute or make available any Product whose primary purpose is to facilitate the
distribution of software applications and games for use on Android
devices outside of the Market.
My interpretation of the above was, and still is, that we can't point people to a different app store.
Kudos to #zmarties for pointing me at the Developer Program Policy which links out to the Developer Distribution Agreement. I knew I'd seen this somewhere...
In terms of iOS, Apple does not allow different app stores unless you jailbreak (iOS-speak for rooting) your phone. They are not as open minded as the Google.
Android apps don't need to be rooted in order to install third party apk's. The use just needs to allow this in their settings. The apps you have listed simply instruct their users to enable this setting.
The best example of a third-party "free as in freedom" app store would be F-Droid
Technically it's possible.
The current Developer Program Policy does not seem to prohibit it either - all they have to say on the matter relates to installing "dangerous products" from outside the play store:
Dangerous Products: We don't allow content that harms, interferes with the operation of, or accesses in an unauthorized manner, networks, servers, or other infrastructure.
Malicious scripts and password phishing scams are also prohibited on Google Play, as are apps that cause users to unknowingly download or install apps from sources outside of Google Play.
Having said that, I can't quickly see any alternative apps stores that are themselves in the Play Store.
My company would like to give an Android device to a group of our selected customers.
Doing that, we would like to provide users with our mobile app. The app is already on Google Play, but we would like to avoid users downloading and installing by themselves. We prefer to give the device ready, with the app already installed.
We found several ways to manually install an APK on the phone without having to login to the market. But it seems that doing that, the user will not be able to update the app via Google Play, as the app would not be recognized as installed.
Any idea?
As per January 2015, this appears to be impossible. Here is the response I got from Google Play Developer support:
Side-loaded apps do not update via the Play Store. If you would like the app to update, you will need to uninstall the app on your phone and reinstall the app via the Play Store.
I wonder if anyone found a way around this?
To summarize the answer from #Android-Developer and OP's comment discussion:
Google Play recognizes the app signature of APKs regardless of the installation source. As long as you use the same package name and keystore when generating your APK, Google Play will be able to detect newer versions and trigger an update.
To install the app without logging in to a Google account, enable the "Install from unknown sources" option in Settings. You can disable it once the installation is complete.
You may install Titanium Backup if your phone is rooted, then long press on your side loaded app package and select "Attach to market" option. Now you may receive updates via Google Play.
I don't recommend this, I mean never install cracked or patched apps because of copyright or security risks, but installing a Modded version of Google Play can make patched side loaded apps to be upgraded after attaching them to market via Titanium Backup. This is not needed for purchased apps because they are registered in your Google account, so attaching to market will be enough.
To get a MANUALLY INSTALLED APK to show up in the Google Play Store in the UPDATES or INSTALLED section, do either of the following:
1.) Manually install the APK with the SAME APK filename that Google knows the app as (i.e. from the APK download site like APKMirror.com).
2.) If you CHANGED the APK name when you saved it, it will NOT show up in Google Play Store as an installed app.
However, IF there is an update to the app, you will have to do a ONE-TIME search for that app in the store and update it. It will give you the UPDATE option on the app's store page. Once updated via the store, it will show up in the store's Installed / Updates section from now on.
Why does this work? Because the UPDATE will be done thru the store and the APK name it's using during the update process is what Google knows the app as.
If there is NO update, do option #1.
I always add the App name and version info to the front of the filename so I know what it is for later use (because if I'm manually installing, I'll probably be saving it for multiple / future devices).
I also keep the original name at the end, so I can rename it back to the original name if needed. Android is the only O/S I've seen where the filename matters during the install process.
I am developing a paid app that I will be placing in the google play store, but I want to give away some copies of the app for free to reviewers, for promotions, etc. I know that I can just link to the apk file but that is not secure as anyone could then copy and re distribute it. My question is, is there a way to distribute an application outside of the google play store but in a secure manner? Are there other services that allow you to upload your apk and distribute the app to specific individuals?
If you're concerned about people redistributing your APK, anyone who can install your app can retrieve the APK from their phone and then make that APK available to others, if they wish.
A dedicated android app distribution service might have useful Play-Store-like features, but if that's not essential for you then you just need a non-public file distribution method.
Some possible means of distributing a file to a named set of individuals:
Email it directly (depending on the size of your apk)
Send it using a web-based file hosting + distribution tool (e.g. sharefile.com)
Host it on a website with logins that you control.
As I'm currently facing a similar task, I looked into Zubhium and HockeyApp. However, I haven't evaluated their potential, yet, I just browsed through the website. Maybe you can start from there.