How to secure android .apk file

So that no one can see code and resources by changing extensio开发者_如何学Pythonn .apk to .rar and extracting using winrar. Any help will be highly appreciated.

There is a feature in android sdk by default, that it compresses the .apk so it would be hardly difficul for rever-engenering it.

Sorry, you can't really without help of the framework. Some features are added to Jelly Bean (like doing some crypto with device unique key), but in pre 4.1 you are all on your own. You can't protect standard resources (but you'd try to have then in your own proprietary format and then "build" assets in apps. As for code - obfuscate using tools like pro guard AND then try to reverse engeener your own app to see how it looks. You may try to make reversing harder by using reflection, crypting some portions of code, adding complicated code that in fact does nothing but it's hard to follow for someone who learsn what you do etc, etc. In general cat & mouse game.

You cannot prevent apk being extracted using winrar, 7z , unzip tools because apk is also a king of a zip file. But if you can secure its contents like assets, strings by using encryption. You can decrypt these resources at run time so the others cannot easily get the contents in assets, raw, string resources.