Google developers announced that since August 2021, all new applications downloaded to the Google Play Store will have to use the new Android App Bundles (AAB) format, instead of the familiar APK (Android PacKage) that has been used in Android since 2008.
The company explains that AAB is a more versatile, “batch” format that will reduce the weight of applications and adapt them to different devices.
The AAB format appeared in 2018, and its main idea is that Android devices have many different hardware and language combinations that applications must support, and delivering all this code to each individual device is a waste of space. The fact is that Android supports more than 150 languages, four CPU architectures (ARMv7, ARMv8, x86 and x86_64) and different screen resolutions, and all the related data, concentrated in one APK, significantly increases the “weight” of the latter.
In turn, the Android App Bundle turns apps into a set of “split APKs” that can be handed out from the Google Play Store for each individual device. In essence, these “split APKs” are not complete applications. These are just parts of the applications, each of which is focused on a specific area, and together they form an application.
For example, if you have a high-resolution ARMv8-based device running in English, Google Play Store will provide you with a set of “split APKs” that only support a device with those settings. And if your friend has a low-res ARM v7 phone that uses English and Spanish, they’ll get a different set of APKs geared towards that particular device.
Thus, each user will receive only the code that his device needs. According to Google developers, this will help reduce the weight of applications by about 15%.
App developers will also be able to use the App Bundle to control the functionality of their products. For example, some functions may be delivered only to those devices that support them, or will be available to users only upon request.
Many people point out that the move to AAB also guarantees Google more control over the entire Android ecosystem. The point is that Android App Bundles must be handled by the App Store infrastructure. Although AAB is an open source format and Google has an open source bundletool application, many companies will still need to build their own infrastructure and pay all the associated costs.
While the open source App Bundles make them easy to maintain, alternative app stores will have to take on a lot of work and responsibility, and the new format is likely to be heavily used only in the Google Play Store.
In addition, ArsTechnica journalists note that the transition to AAB is associated with another important aspect. So, one of the main components of APK security is signing applications. Basically, the talk is about a digital certificate owned by the developer of the application, which certifies that he created this application. The signature is not valid during the first installation, but during all subsequent updates, the signatures must match.
This means that only the owner of the certificate (the original developer of the application) can update the application. That is, no random third party can create an APK called Google-Pay.apk that will rewrite the real Google Pay Store app and steal all user information.
However, if the entire build system of an application is hosted in the cloud, developer signing keys must also be hosted in the cloud, which shifts responsibility for the application from the developer to Google.
The fact is that if the infrastructure of the app store is compromised, a third party can gain access to the keys of the developers and start distributing malicious updates. It also raises the question of trust to the owner of the app store. After all, now Google owns the signing key and can change any application without awareness of the author, if he wants. For example, the government can force the owner of an app store to change someone’s app at their own discretion.
To allay concerns about this, Google experts made a number of concessions. So, developers will be able to store a local copy of the signing key that they have uploaded to Google’s servers, which will allow them to release valid updates that can be installed over versions from the Google Play Store.
Developers will also be able to download signed Distribution APKs through the Google Play Developer Console. These files are common generic APKs that can be used to upload to other stores. For those who fear that Google might change the app without the developer’s consent, there is a new optional “code transparency” feature that will allow developers to check if the hashes match the code they have uploaded to the store earlier.
Let me remind you that I also said that Google recruits a team of experts to find bugs in Android applications.