Android Application Secure Design/Secure Coding Guidebook
- The content of this guide is up to date as of the time of publication, but standards and environments are constantly evolving. When using sample code, make sure you are adhering to the latest coding standards and best practices. 
- JSSEC and the writers of this guide are not responsible for how you use this document. Full responsibility lies with you, the user of the information provided. 
- Android is a trademark or a registered trademark of Google Inc. The company names, product names and service names appearing in this document are generally the registered trademarks or trademarks of their respective companies. Further, the registered trademark ®, trademark (TM) and copyright © symbols are not used throughout this document. 
- Parts of this document are copied from or based on content created and provided by Google, Inc. They are used here in accordance with the provisions of the Creative Commons Attribution 3.0 License.
Revision history
- 2014-04-01
  - Initial English Edition
- 2014-07-01
  - Added new articles below
- 2015-06-01
  - We have reviewed the entire document in accordance with the following policy
    - Change of development environment (Eclipse -> Android Studio)
    - Support for the latest Android version, Lollipop
    - Change of API Level (8 or later -> 15 or later)
- 2016-02-01
  - Added new articles below
  - Revised article below
- 2016-09-01
  - Revised articles below
- 2017-02-01
  - Added new articles below
  - Revised articles below
  - Deleted the section below
    - 4.8.3.4 BuildConfig.DEBUG Should Be Used in ADT 21 or Later
  - We have reviewed the entire document in accordance with the following policy
    - All discussions in the main text concerning Android 4.0.3 (API Level 15) and earlier versions have been deleted or moved to footnotes.
- 2018-02-01
  - Added new articles below
  - Revised articles below
- 2018-09-01
  - Added new articles below
  - Revised articles below
    - 4.5.3.6. [Reference] Encrypt SQLite Database (SQLCipher for Android)
    - 5.2.1.2. How to Communicate Between In-house Applications with In-house-defined Signature Permission
    - 5.4.3.2. Install Root Certificate of Private Certificate Authority to Android OS's Certification Store
    - 5.4.3.8. (Column): Transitioning to TLS1.2/TLS1.3 for secure connections
- 2019-09-01
  - Added new articles below
  - Revised articles below
    - 4.1.3.1. Combination of Exported Attribute and Intent Filter Setting (For Activity)
    - 4.4.3.1. Combination of Exported Attribute and Intent-filter Setting (In the Case of Service)
    - 5.2.3.6. Modifications to the Permission model specifications in Android versions 6.0 and later
    - 5.4.3.8. (Column): Transitioning to TLS1.2/TLS1.3 for secure connections
    - 5.5.1.2. Broad consent is granted: Applications that incorporate application privacy policy
    - 5.6.2.2. Use Strong Algorithms (Specifically, Algorithms that Meet the Relevant Criteria) (Required)
- 2019-12-01
- 2020-11-01
  - Added new articles below
  - Revised articles below
- 2021-10-19
  - Added new articles below
  - Revised articles below
- 2022-01-17
  - Revised articles below
- 2022-08-29
  - Added new articles below
  - Revised articles below
- 2024-2-29
  - Added new articles below
  - Revised articles below
- 2025-1-29
  - Added new articles below
  - Revised articles below
  - Deleted the section below
    - 4.6.3.6. About specifications related to access to external storage in Android 10 (API Level 29)
    - 4.6.3.7. Application of Scoped Storage in Android 11 (API Level 30)
    - 4.6.3.8. Media Collection Permissions in Android 13 (API Level 33)
    - 4.6.3.9. Partial Access to Images and Videos in Android 14 (API Level 34)
- 2025-8-27
  - Added new articles below
  - Revised articles below
    - 4.7.3.1. Component Export Control and Intent Sending Restrictions
    - 5.5.3.8. Auto-hibernation Function for Unused Applications on Android 12
    - 5.5.3.9. API Return Value Change Following Specification Changes to the Package Access
    - 5.3.3.2. Cases in which Authenticator accounts with non-matching signatures may be read in Android 8.0 (API Level 26) or later
  - Deleted the section below
    - 4.1.3.3. Reading Intents Sent to an Activity
    - 4.6.3.4. Specification Change regarding External Storage Access in Android 4.4 (API Level 19) and later
    - 4.6.3.5. Revised specifications in Android 7.0 (API Level 24) for accessing specific directories on external storage media
    - 4.9.3.1. Vulnerability caused by addJavascriptInterface() at Android versions 4.1 or earlier
    - 5.3.3.2. Exception Occurs When Signature Keys of User Application and Authenticator Application Are Different, in Android 4.0.x
    - 5.6.3.3. Measures to Protect against Vulnerabilities in Random-Number Generators
  - Note: For a detailed description of these revisions, see Section Articles Revised from January 29, 2025 Edition.
For the release of this new edition, we have updated the contents of this Guidebook based on your comments and suggestions.
Published by
Japan Smartphone Security Association (JSSEC), Technical Subcommittee, Secure Coding Working Group
| Leader | Tsutomu Miyazaki | LAC Co., Ltd. |
| Members | Ryuta Nakagami | LAC Co., Ltd. |
| | Akihiro Shiota | NTT DATA Corporation |
| | Teruaki Honma | KDDI CORPORATION |
| | Harunobu Agematsu | KDDI CORPORATION |
(In no particular order)