How can I protect Apk generated by Unity ?

Hello All,

I have developed a game through Unity3D for Android and I have also uploaded it on playStore. But someone has uploaded its .apk on his website and selling it for free(On playStore its paid). So there are few questions that arises here that:

  • How can we secure apk from reverse engineering?
  • Do I really need to secure or Unity already provide support for it?

If any one can answer it would be great help.

Thanks in Advance.

Unfortunately, it is impossible to truly “protect” your code from reverse-engineering. This is not a specific weakness of Unity, but is true of any client-side application. Obfuscation can slow the process down, but a determined hacker will always be able to get past it.

However, from your description it’s unclear that any reverse-engineering has actually taken place - simply that the APK file has been uploaded to an unauthorised site? If your app is normally free to download from the Google Play store, it may even be that the uploader has not realised they have done anything wrong (your game is still free, and they’ve increased your potential circulation…).

The first thing I’d do is to contact the site owner and politely point out that you are the code author, that the application is only for distribution via the Play store, and request they remove it from their site.

If that doesn’t work, you could try legal action but, frankly, it’s not worth it. The best approach to counter hackers is just to continue innovating - create new games, improvements, and features, and make sure that you only push those changes to authorised sites. Sure, you can’t stop them being copied again, but they’ll always be one step behind you.

Nothing is ever secure…

However, what you can do is look into obfuscation methods.

What is obfuscation?

Basically… Turns "string MyServersPassword = “DonkeyLips31”; into something unreadable, then later references it elsewhere in the code…

Or changes a series of variables named… Variable1, Variable2, Variable3 to like…


Those are 3 different names… But, staring at those… can be confusing to the naked eye.

However, if someone is determined… they will steal/crack your game.

Well one way to mess with someone that wants to copy your game is to have a check if the app store DRM is removed. And if it is make the game unwinnable, or show some text.

Good obfuscation makes it really hard for hackers.
For example; during normal Android development we use something called ProGuard.

Don’t listen to people who say ‘Obfuscation is useless’. Yes it might be true that hackers can always access front end code; that doesn’t mean you should make it easy for them to copy and change your work.

try to visit :