Google Play App Signing service's main advantage?

Question

Is the new Google Play App Signing service's, main purpose to solve the issue of having to hard code your publisher public key into the APK's source code, as in base64EncodedPublicKey = "ABCjjjjas..." ?

Answer 1

No. Its to reduce the damage should your signing key be lost or compromised. Before that, if your key was lost you would have to contact google to use a new key. Old users would not be able to update your app without deleting it and reinstalling it. If you used key sharing to publish multiple apps that could read each other's data, all those apps would need to be changed. It was a nightmare you more or less were starting over.

With the new system, if your key is lost of compromised, you contact google. They allow you to upload a new upload key, and use the existing signing key (which only ever existed on the Google servers). This prevents all the old problems listed above.

Basically it eliminates the penalty for losing your signing key, and minimized the cost of it being compromised. Remember- if even one rogue employee wanted to screw you by releasing that key, you could have had serious issues.

Of course it does mean if the Google servers are ever compromised and the key storage leaked then the Android ecosystem is in major trouble. And that Google has everything they need to compromise your key without you ever knowing. So its whether you're more afraid of Google or of sloppiness, your own security practices, and rogue/disgruntled employees.