
On the safety point, how would I ensure that e.g. the APK for my banking app is authentic and unmodified?



Good point. How do you ensure that the APK for your banking app is authentic on the Play Store?

Maybe we should ask all banks to publish their apps via F-Droid build service so the build hashes on both the Play Store and its mirrors can be checked for third-party modification.


My bank publishes a Play Store link to their app on their website. If I assume that Google would not maliciously hijack their app ID, I can assume that the app is authentic.

Expecting my bank to listen to suggestions about publishing hashes for F-Droid users is not realistic, so assuming that they would never do this, how would I verify the app outside of the Play Store?




