Security: What measures do you take to make sure all uploaded APKs are real and created by the respective developers?
All APKMirror.com uploads are verified prior to publishing.
We make sure that the cryptographic signatures for new versions of all previously published apps match the original ones, which means we know if uploaded APKs were signed by the real devs or someone pretending to be them.
Note: APKMirror.com has been protected from the Janus vulnerability in Android from day one.
a. For new apps that have never been uploaded to APKMirror.com, we try to match the signatures to other existing apps by the same developer. If there’s a match, it means that the same key was used to sign a previously known legitimate app, therefore validating the new upload.
b. If we see no matches, we try to obtain and compare to a version of the same app from the Play Store or another verified location. If it’s a beta, we will try to get into it. If we can’t, we will attempt to contact the developer.
c. If we’re unable to verify the legitimacy of a new APK, we will simply not publish it.
What is the purpose of APKMirror.com? What APKs are accepted? I just uploaded an APK but it’s not going live.
APKMirror.com is a highly curated community, so there’s absolutely no guarantee we will publish your app. The site’s primary purposes are, in the order of importance:
Allow updates to popular apps that are rolling out slowly and may not yet be available to you to be downloaded and installed sooner.
Get around geo-restrictions and sideload popular apps that may not be otherwise available in your country.
Provide an archive of popular applications along with changelogs and descriptions, so that you can roll back to an earlier version if a new one starts crashing or removes features you’ve grown to enjoy. You can also use the archive for research purposes to compare changes from one version to another, for example.
Allow for alternate distribution of select applications, at the discretion of our management and editorial teams.