This guide describes Application DRM (hereafter referred to as “ARM”), which is provided by ONE store as a solution to prevent illegal copying of Apps.

ONE store ARM does not support a multi dex apk.

ONE store 2nd Generation ARM is a dedicated Appication DRM of ONE store developer center. It intends to prevent illegal copying and falsification of the Apps distributed on ONE store. If a user purchases an App with the 2nd ARM on ONE store developer center and then runs the App, the encrypted code is unlocked and the App is executed after confirming if the user purchased the App that he/she runs and the user has proper permissions. If an App is illegally distributed and a user has no permission, the user cannot run the App. Illegal falsification of the App is not possible since the code is encrypted.

The following picture briefly describes how ONE store 2nd Generation ARM is applied when an App developer uploads an App and how ARM works while a user buys/runs an App.

1. The App developer can apply ARM to Apps that he/she wants to publish by clicking ‘Apply ARM’ button provided by the security center of ONE store developer center. At that point, the developer can select the option of signing. If not selected, S-APK (Secure-APK) is generated and can be downloaded. If selected, SS-APK (Signed Secure- APK) is generated and can be downloaded.

2. At the time when ‘Apply ARM’ button is clicked, the code is encrypted in the App, and ARM Client Loader is loaded to decode and execute the code.

3. After that, the developer registers the finally signed SS-APK as a final Binary according to the App uploading process of ONE store developer center.

4. When you purchse/execute an App applied with ONE store 2nd Generation ARM, the ARM Client Loader applied to the App is connected to the ARM Service to decipher the code and control execution according to permissions.

5. First-time network connection is required to check if the purchase is successfully made as you run the App applied with the ONE store 2nd Generation ARM. If the normal purchase history is checked, a license is saved in the device. Since then, if the license does not exist in the device, you can check through the network connection if the purchase is successfully made.

Acces the security center page via ONE store developer center > Apps > Security Center

‘Select Applied by OneStore developer center (Automatically)’(2nd Generation ARM)

Click Confirm button via Select Applied by OneStore developer center > Confirm

Upload APK & Request Signing

Upload the APK file to be encrypted.

Download SS-APK (Signed Secure APK) or S-APK

Once ARM is applied, you can download the encrypted and signed SS-APK.
However, if you have not entered signing information, you could download the unsigned S-APK.

Keystore uploaded for signing is deleted from the server and not saved after signing. If the Keystone file is not uploaded, it will not be signed and the developer is required to directly sign it.

For more information on the app signing, please refer to the link : https://developer.android.com/studio/publish/app-signing