Verify signing certificate at runtime Verify the installer context.getPackageManager() .getInstallerPackageName(context.getPackageName()) .startsWith("com.android.vending") Check if app is debuggable (or run on emulator)
android:usesCleartextTraffic="false" ANDROID M StrictMode.setVmPolicy( new StrictMode.VmPolicy.Builder() .detectCleartextNetwork() .penaltyLog().build());