Back to Articles
Android APK Signature Schemes v1 to v4 Explained

Android APK Signature Schemes v1 to v4 Explained

1 min read 173 words

APK Signature scheme

  1. JAR signing (v1 signing)
  • Minimum SDK: Android 1.0 (API Level 1)
  • Signs APK with a private key
  • Public key certificate embedded in APK
  • Compatible with all Android versions
  1. APK Signature Scheme v2
  • Minimum SDK: Android 7.0 (API Level 24, Nougat)
  • Whole-file signature scheme
  • Improves verification speed
  • Strengthens protection against unauthorized modifications
  • Signs entire APK, including ZIP entries and Android manifest
  1. APK Signature Scheme v3
  • Minimum SDK: Android 9.0 (API Level 28, Pie)
  • Extension of v2 signing scheme
  • Additional information about signing key
  • Includes certificate expiration date and strong security hardware usage
  • Suitable for apps targeting Android 9.0 and later
  1. APK Signature Scheme v4
  • Minimum SDK: Android 11.0 (API Level 30, R)
  • Allows signing using separate signature file
  • Faster app installation
  • Better protection against unauthorized modifications
  • Designed for apps targeting Android 11 and later