Yesterday one of our clients complained that they are facing an issue while installing latest app provided by us. If You Are an Android developer then you often play with APK files coming from “insecure sources” such as signed APKs built with Android Studio? In case you do, you might likely experience the following problem when trying to install those apps:
It also goes without saying that neither rebooting the phone and/ or removing the existing .APK and/or uninstalling the app’s previous version (if any) seems to fix the issue.
You Might have Built App With Full-APK Signature:
This workaround should be the first thing to try if you’re using older phones and/or Android builds <= 6. As you can read here, Android 7.0 “Nougat” introduced the APK Signature Scheme v2, a new app-signing scheme that offers faster app install times and more protection against unauthorized alterations to APK files. By default, Android Studio 2.2 and the Android Plugin for Gradle 2.2 sign your app using both APK Signature Scheme v2 and the traditional signing scheme, which uses JAR signing – meaning that they give the option to sign the APK with either a JAR signature (aka v1) or a full APK sign (aka v2): to be more specific, during the process of building the app the developer is asked to choose between using one or these signature version, none or both of them. As you might easily guess,older phones with older android versions don’t support the new v2 signature versions, hence they will raise the “app not installed” error if the APK only contains that one.
The fix for such scenario is to apply both of these signatures, by selecting the two checkboxes – just like shown in the following screenshot: