10%

Resources

Resources
  • Blogs
  • Case Studies
  • Industry Usecases
  • Industry Reports
  • Newsletters

    • Products

    Products
  • Hitee: Industry Specific AI Enabled Chatbot
  • FLOWMAGIC: Visual AI Platform for Insurer Workflows
  • LCA: Inbound Lead Conversion Administrator

    • Domains

    Domains
  • BFSI
  • Digital Health
  • Consumer Internet

    • Services

    Services
  • Application Development
  • Robotic Process Automation
  • Testing
  • Business Continuity

    • About Us

    About Us
  • Our Clients
  • News and Events
  • Press Releases
  • Partnerships and Certifications
  • Careers

    • Careers

    ABOUT US

    About Us
  • Our Clients
  • News and Events
  • Press Releases
  • Partnerships and Certifications
  • Careers

    • CAREERS

    SERVICES

    DOMAINS

    PRODUCTS

    RESOURCES

    Services
  • Customer Experience Strategy Consulting
  • Mantra.Ai: AI Strategy and Implementation
  • Application Development
  • Robotic Process Automation
  • Testing
  • Business Continuity
    • Domains
  • BFSI
  • Digital Health
  • Consumer Internet
    • Products
  • Hitee: Industry Specific AI Enabled Chatbot
  • FLOWMAGIC: Visual AI Platform for Insurer Workflows
  • LCA: Inbound Lead Conversion Administrator
    • Resources
  • Blogs
  • Case Studies
  • Industry Usecases
  • Industry Reports
  • Newsletters

    • Try : Insurtech, Application Development

    All

    Mantra

    Application Development

    Customer Experience

    Insurtech

    Digital Health

    Deep-Tech

    Insurance

    Edtech(5)

    Events(34)

    Interviews(10)

    Life@mantra(11)

    Logistics(1)

    Strategy(14)

    Testing(8)

    Android(46)

    Backend(29)

    Dev Ops(3)

    Enterprise Solution(22)

    Frontend(28)

    iOS(41)

    Javascript(13)

    Augmented Reality(17)

    Customer Journey(12)

    Design(13)

    User Experience(34)

    AI in Insurance(31)

    Insurtech(59)

    Product Innovation(37)

    Solutions(15)

    E-health(3)

    HealthTech(8)

    mHealth(3)

    Telehealth Care(1)

    Telemedicine(1)

    Artificial Intelligence(109)

    Bitcoin(7)

    Blockchain(18)

    Cognitive Computing(7)

    Computer Vision(8)

    Data Science(14)

    FinTech(44)

    Intelligent Automation(26)

    Machine Learning(46)

    Natural Language Processing(13)

    8 Best Ways to Reduce Android App Size

    By :
    5 minutes, 29 seconds read
    Published on Aug 14, 2020
    Androidapp developerApp sizemobile app

    With the increase in mobile storage spaces that have gone up to 256 GB, app size is also growing. App size is sure to grow as developers are adding new features, trying to meet customer needs, and also trying to support their apps on various screen sizes. Around 74% of the world uses Android, and 70% of users consider app size before installing them. Moreover, as humans are getting accustomed to instant gratification, they ponder on ways to download apps as they take up storage spaces. Despite the cloud support for photos, videos, and files, android users face issues, such as mobile hanging due to app size. As customer expectations are increasing, android app developers are considering other ways to reduce app size while still incorporating significant additional features and keeping in mind the customer experience.

    Below are the 8 best ways to reduce android app size:

    1. Use Android App Bundle to Reduce App Size

    When generating the release version of your app, you can choose between APK and Android App Bundle.  The second option will make Google play to generate the APK with only those features a specific user need. 

    Use Android App Bundle

    App Bundle Vs APK

    Android App Bundle

    • It is a publishing format that includes compiled code and resources of your app, and delays APK generation and signing to Google Play.
    • With Android App Bundles, the compressed download size restriction is 150 MB. The app bundle cannot be used with APK expansion files.
    Android App Bundle
    Important: In the second half of 2021, new apps will be required to publish with the Android App Bundle on Google Play. New apps larger than 150 MB must use either Play Feature Delivery or Play Asset Delivery.

    How to build android app bundles?

    To build app bundles, follow these steps:

    1. Download Android Studio 3.2 or higher—it’s the easiest way to add feature modules and build app bundles.
    2. Add support for Play Feature Delivery by including a base module, organizing code and resources for configuration APKs, and, optionally, adding feature modules.
    3. Build an Android App Bundle using Android Studio. You can also deploy your app to a connected device from an app bundle by modifying your run/debug configuration and selecting the option to deploy APK from app bundle. Keep in mind, using this option results in longer build times when compared to building and deploying only an APK.
    4. If you’re not using the IDE, you can instead build an app bundle from the command line.
    5. Test your Android App Bundle by using it to generate APKs that you deploy to a device.
    6. Enroll into app Play App Signing. Otherwise, you can’t upload your app bundle to the Play Console.
    7. Publish your app bundle to Google Play.

    Please note: Android Package Kit – As per developer console, by the mid of 2021, developers won’t be able to upload apk on play store)

    • Android operating system uses APK which is the package file format for distribution and installation of mobile apps, games and middleware. APK is similar to other software packages such as APPX in Microsoft Windows or a Debian package in Debian -based operating systems.
    • Google Play requires that the compressed APK downloaded by the users should not exceed 100 MB.
    • The expansion files for your app are hosted by Google Play which serves them to the device at no cost to you. The expansion files are saved to the device’s shared storage location (the SD card or USB-mountable partition).

    2. Use Proguard

    Proguard is probably one of the most useful tools to reduce your APK size. It reduces the source code files to a minimum and can reduce the APK file size upto 90%.

    • Use it in all variants whenever using “Proguard”
    • Helps to avoid conflict at the of generate apk or bundle if will use in all the variants.
    • We cannot let ProGuard rename or remove any fields on these data classes, as they have to match the serialized format. It’s a safe bet to add a @Keep annotation on the whole class or a wildcard rule on all your models.

    3. Use Android Size Analyzer Plugin

    This Android Studio plugin will provide you recommendations to reduce the size of your application.

    With the APK Analyzer, you can accomplish the following:

    • View the absolute and relative size of files in the APK, such as the DEX and Android resource files.
    • Understand the composition of DEX files.
    • Quickly view the final versions of files in the APK, such as the AndroidManifest.xml file.
    • Perform a side-by-side comparison of two APKs.

    There are three ways to access the APK Analyzer when a project is open:

    • Drag an APK into the Editor window of Android Studio.
    • Switch to the Project perspective in the Project window and then double-click the APK in the default build/output/apks/ directory.
    • Select Build > Analyze APK in the menu bar and then select your APK.

    More details at: Jetbrains

    4. Optimize Your App’s Resources

    Whether used or not, every resource takes up memory. It is therefore necessary to have only those resources that you need, and to use those in a memory efficient way. In other words, you should consider the resolution of the image before finalizing on it.

    5. Optimize Libraries

    As large libraries consume huge amounts of space, it is advisable to remove parts of it in case you do not need them and if it is permitted by the license of the library. Proguard can aid you in this process but it is not always able to remove large internal dependencies.

    6. Use Vector Graphics Wherever Possible

    They are sharp and do not consume much space as they rely on mathematical calculations and not on pixels that need to be saved. However, they cannot be used for photography.

    7. Compress Your Images

    By using tools such as pngcrush, you can reduce the file size of PNG images. It is advisable to do this images as they still look the same. 

    8. Only Support Specific Densities

    If only a small portion of users use a specific density, it might be better to let Android scale your other densities for them as it would reduce your APK size.

    As mobile storage space is growing, people are installing a large number of apps to meet a wide range of needs. But as app size is increasing, people are continuing to struggle with storage issues. With provisions such as Proguard, one can compress the APK file size and optimize libraries easily. Compressing images and using vector graphs are also useful in reducing app size.

    About the author: Anand Singh is Tech Lead at Mantra Labs. He is integral to the company’s Android-based projects and enterprise application development.

    Further Reading:

    Cancel

    Knowledge thats worth delivered in your inbox

    12 Tips To Secure Your Mobile Application

    By :
    Published on Oct 25, 2022

    Cyber attacks and data theft have become so common these days especially when it comes to mobile applications. As a result, mobile apps that experience security breaches may suffer financial losses. With many hackers eyeing to steal customer data, securing these applications has become the number one priority for organizations and a serious challenge for developers. According to Gartner’s recent research, Hype Cycle for Application Security, investment in application security will increase by more than two-fold over the next few years, from $6 billion this year to $13.7 billion by 2026. Further, the report stated, “Application security is now top-of-mind for developers and security professionals, and the emphasis is now turning to apps hosted in public clouds,” It is crucial to get the fundamental components of DevOps security correct. Here are the 12 tips to secure your mobile application: 

    1. Install apps from trusted sources:

    It’s common to have Android applications republished on alternate markets or their APKs & IPAs made available for download. Both APK and IPA may be downloaded and installed from a variety of places, including websites, cloud services, drives, social media, and social networking. Only the Play Store and the App Store should be allowed to install trustworthy APK and IPA files. To prevent utilizing these apps, we should have a source check detection (Play Store or App Store) upon app start.

    Also read, https://andresand.medium.com/add-method-to-check-which-app-store-the-android-app-is-installed-from-or-if-its-sideloaded-c9f450a3d069

    2. Root Detection:

    Android: An attacker could launch a mobile application on a rooted device and access the local memory or call specific activities or intents to perform malicious activities in the application. 

    iOS: Applications on a jailbroken device run as root outside of the iOS sandbox. This can allow applications to access sensitive data stored in other apps or install malicious software negating sandboxing functionality. 

    More on Root Detection- https://owasp.org/www-project-mobile-top-10/2016-risks/m8-code-tampering

    3. Data Storing:

    Developers use Shared Preferences & User Defaults to store key-value pairs like tokens, mobile numbers, email, boolean values, etc. Additionally, while creating apps, developers prefer SQLite databases for structured data. It is recommended to store any data in the format of encryption so that it is difficult to extract the information by hackers.

    4. Secure Secret Keys:

    API keys, passwords, and tokens shouldn’t be hardcoded in the code. It is recommended to use different techniques to store these values so that hackers cannot get away quickly by tampering with the application. 

    Here’s a reference link: https://guides.codepath.com/android/Storing-Secret-Keys-in-Android

    5. Code Obfuscation

    An attacker may decompile the APK file and extract the source code of the application. This may expose sensitive information stored in the source code of the application to the attacker which may be used to perform tailored attacks. 

    It is better to obfuscate the source code to prevent all the sensitive information contained in the source code.

    6. Secure Communication:

    An attacker may perform malicious activities to leverage the level of attacks since all communication is happening over unencrypted channels. So always use HTTPS URLs over HTTP URLs.

    7. SSL Pinning:

    Certificate pinning allows mobile applications to restrict communication only to servers with a valid certificate matching the expected value (pin). Pinning ensures that no network data is compromised even if a user is tricked into installing a malicious root certificate on their mobile device. Any app that pins its certificates would thwart such phishing attempts by refusing to transmit data over a compromised connection

    Please refer: 

    https://owasp.org/www-community/controls/Certificate_and_Public_Key_Pinning

    8. Secure API request & response data

    The standard practice is to use HTTPS for the baseline protection of REST API calls. The information sent to the server or received from the server may be further encrypted with AES, etc. For example, if there are sensitive contents, you might choose to select those to encrypt so that even if the HTTPS is somehow broken or misconfigured, you have another layer of protection from your encryption.

    9. Secure Mobile App Authentication:

    In case an application does not assign distinct and complex session tokens after login to a user, an attacker can conduct phishing in order to lure the victim to use a custom-generated token provided by the attacker and easily bypass the login page with the captured session by using a MiTM attack.

    i) Assign a distinct and complex session token to a user each time he/she logs on successfully to the application. 

    ii) Terminate the session lifetime immediately after logging out. 

    iii) Do not use the same session token for two or more IP addresses. 

    iv) Limit the expiry time for every session token.

    10.  Allow Backup 

    Disallow users to back up an app if it contains sensitive data. Having access to backup files (i.e. when android:allowBackup=”true”), it is possible to modify/read the content of an app even on a non-rooted device. So it is recommended to make allow backup false. 

    11. Restrict accessing android application screens from other apps

    Ideally, your activities should not give any provision to the opening from other services or applications. Make it true only when you have a specific requirement to access your flutter screens from other apps otherwise change to android:exported= ”false”

    12. Restrict installing packages from the android application

    REQUEST_INSTALL_PACKAGES permission allows apps to install new packages on a user’s device. We are committed to preventing abuse on the Android platform and protecting users from apps that self-update using any method other than Google Play’s update mechanism or download harmful APKs.

    Conclusion: 

    Mobile Apps have become more personalized than ever before with heaps of customers’ personal data stored in them every day. In order to build trust and loyalty among users and prevent significant financial and credential losses for the companies, it is now crucial to make sure the application is secure for the user. Following the above-mentioned mobile app security checklists will definitely help to prevent hackers from hacking the app.

    About the Author:

    Raviteja Aketi is a Senior Software Engineer at Mantra Labs. He has extensive experience with B2B projects. Raviteja loves exploring new technologies, watching movies, and spending time with family and friends.

    Read our latest blog: Implementing a Clean Architecture with Nest.JS

    Cancel

    Knowledge thats worth delivered in your inbox

    Loading More Posts ...