Secure keys in Java file like API keys, etc from hackers

Question

I am building an Android app and I am worried about app security of API and other keys. So I need a method to secure them from hackers!

I have already tried to store these keys on Firebase but it is not a perfect method as it uses a lot of data on Firebase and took time to receive.

Answer 1

A safe option would be saving the KEY API values inside the local.properties file.

Inside your app/build.gradle file add the reference to the API KEY:

android {
     ...

    defaultConfig {
        ...
        buildConfigField "String", "myAPI_KEY", "\"API_KEY_VALUE\"" 
        ...
    }
     ...

}

Inside the local.properties file add the entry that defines the value of the API KEY:

API_KEY_VALUE="AIzaSy..............."

then, build your project and you can get the value of the API KEY from the BuildConfig class, example:

 String myApiKey = BuildConfig.myAPI_KEY;