29 January 2018
Installing an APK file on your Android device isn’t as safe as you might think. Chances are, you have never experienced any issue after installing an APK, maybe you’re aware of the consequences and already know how to check or scan an APK file getting installed on the device. The very first advice the users get if their device caught up any malware is to check any file downloaded from unknown sources. And, the cure or this primary aid works almost everytime and takes the device back to its safest state once again.
Not everyone is aware of the consequences of installing a malicious APK file. Installing the apps from outside the applications store is actually called as “sideloading.” And, unlike Apple, Google lets you sideload the apps. For this, you just check the “Unknown Sources” in Settings so as to let the installation happen. But, this portrays a potential risk or even a big threat if the developer of that app has bad intentions.
You can check before installing any APK if it’s safe to use or not with the help of some websites that scans the files and provide the signal accordingly.
How to scan APK file before installing on Android device
The very first site that will scan the APK file for you is the VirusTotal. This checks for viruses and other issues. The website has gained positive reviews from the users. The only drawback is you could only scan an APK that has a file size below 128MB.
You just need to open the site, upload the file and click Scan. The service will compute the SHA and analyze it thoroughly.
Don’t worry, the list includes another website for your purpose.
Next up is the Metadefender that allows you to upload the APK file up to 140MB. This is slightly bigger size allowance but still, it can’t be beneficial for every file size.
NVISO APK Scan
NVISO APK Scan offers a detailed report on the APK file you’re about to install. Good news is there’s no file size limit, so you can even check a huge-sized game file.
The fourth and the last way to check is to use the Hash Droid. This works by analyzing the SHA file. To the uninitiated ones, SHA is Secure Hash Algorithm that’s used to create digital signatures. The cryptographic signature guarantees the file is safe to install and was not tampered with in any way, however, it’s always recommended to check the authenticity still.
If the developer of the app has publicly mentioned the SHA then you can check the state of the app via SHA simply.
Unlike the others mentioned here, the Hash Droid is an app available on Play Store. Download and install this app and choose the SHA 256 of the APK file you want to analyze.
We can't say that these methods work accurately, but they are the best ways to know about the APKs and the complete report. So, these were some of the methods with the help of which you can check the authenticity of any APK file before installing it.