That's right, there's no special signing on the Play store level, though *every* app is signed by a developer, paid or unpaid. (And of course, there are other app stores as well...)
Perhaps if you clarify a little more as to why you're asking? kris On Thu, Nov 15, 2012 at 10:20 AM, seattleandrew <[email protected]>wrote: > As far as I understand, an .apk is an .apk is an .apk. The play store (for > most devices) does not do anything special with the .apk to make the > download unique to the user, the play store simply authenticates that the > user is allowed to download it and facilitates that process. However with > Android 4.1 Jellybean, they introduced an encrypted .apk feature (which had > some bugs so I don't know if they fixed it) which allowed developers to > require that applications on Jellybean devices would be encrypted. The key > that was used to encrypt the .apk was unique to the user+application, and > therefore if a user tried uploading the .apk, they'd first have to decrypt > the application before anyone else could use it. > > > On Tuesday, October 30, 2012 2:38:43 AM UTC-7, lyrik Huang wrote: >> >> Recently I just want to know how google controls the paid app, >> I mean how can the .apk only be installed in the device that runs with >> the right google account. >> is there an additional signature mechanism that adds the buyer's >> information into the .apk >> I only saw a META-INF directory in the .apk file,but there's no more >> information about the consumer who bought the application. >> so I want to find out the real mechanism out there. >> > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/android-security-discuss/-/m_l04MyMsVYJ. > > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
