Can you suggest me any good anti-crack approaches (other than a code obfuscation), considering that the paid apps on the Market are easily cracked, and the same goes for a basic server check after a PayPal transaction?
My idea is to have one (very important for the app) Java object saved on the server, and passed to the app each time when it starts. Do you think that this sounds good ?
Note that it is more like of a theoretical question, as I am not going to implement it in an app, I am more like seeking the knowledge for this rather than a concrete solution to a problem.
Any ideas would be appreciated, even ones that you are not very sure if they are good or not. Remember, the question is for Android apps. Thanks.
EDIT: I know that there can’t be an unbreakable client side application, I am asking for a good option to prevent it other than a obfuscation
No. Code stored on the server and provided for execution on the device can be grabbed and stored elsewhere such as locally. (And that’s probably going to be as hard for you to implement as it will be for the attacker to patch around)
Ultimately, you have to face the fact that preventing run authorization just isn’t possible on a general purpose computing platform.
Unless you move actual functionality to execution on a server requiring an individually authorized account, all you can hope for with regard to code running on the user owned device is to achieve a higher than average shade of difficulty.