Google Play Store

Android Submission Process

12 min readJul 24, 2024

After reading … please feel free to use our Release Dashboard

Y? LabZ - Release

Release

Releasewww.ylabz.com

At the end we have a check list you can use 👇🏽

Before submitting Please read our article on Android Performance Tuning

~~~

As you can see below we publish many apps …

And here is the process to submit your app to the Google Play Store.

How to Submit an App to the Google Play Store

Submitting your app to the Google Play Store can be a fulfilling process, allowing you to share your creation with millions of users worldwide. Whether you’re an indie developer or part of a larger team, this guide will walk you through each step to ensure your app is ready for publication.

Step 1: Prepare Your App for Submission

Before submitting your app, you must ensure it meets Google’s guidelines and requirements. Here’s what you need to do:

1.1 Use AI to Develop and Test Your App

Ensure your app is fully developed, tested, and free of bugs. Use various devices and Android versions to test compatibility and performance. Google provides tools like Android Studio, which can help with testing and debugging.

We have many articles on this (Android & iOS dev):

Android & iOS Dev Together

Thinking in Android & iOS at same time

zoewave.medium.com

1.2 Follow Google’s Developer Policies

Skim the Google Play Developer Policies to ensure your app complies with all rules … just try to jump though all the hoops … the rules change all the time :-( sometimes for the better :-)

1.3 Prepare Your App Keys

Your App needs two keys.

Here is the difference:

There are two main keys involved in signing your Android app:

App Signing Key (Android Studio):

This is the private key you use to sign your app for release. It’s crucial for verifying the authenticity and integrity of your app.
You create and manage this key in Android Studio.

Crucially, it should be kept secret.

2. Upload Key (Google Play Store): (Optional)

This is an optional key you can use for signing app updates before uploading them to the Google Play Store.
If you opt into Play App Signing, Google generates and manages this key for you.
You can also generate your own upload key.
While important, it’s less critical than the app signing key. Its compromise can be recovered from by generating a new upload key.

Here’s a table summarizing the key differences:

In essence, the app signing key is the foundation for all signed versions of your app, while the upload key is an extra layer of security specifically for updates on the Play Store.

Don’t Let Your App Get Hacked (API Keys)

In today’s developer landscape, APIs are the lifeblood of many applications. They allow seamless integration with external services, unlocking powerful functionalities. But with great power comes great responsibility, especially when it comes to securing your API keys. These keys act as digital passports, granting access to sensitive data and functionalities. Exposing them can be catastrophic, leading to financial losses, data breaches, and most importantly reputational damage.

Safeguarding Your API Keys

This section dives deep into the dangers of insecure API key management and provides best practices to keep your app safe.

The Peril of Exposed Keys: Imagine leaving your house key lying around in plain sight. Anyone who finds it can waltz right in. Similarly, an exposed API key hands unauthorized individuals the keys to your app’s functionalities. Here’s what could happen:

Data Breaches: Malicious actors can exploit stolen keys to access sensitive user data or internal resources.
Financial Loss: In APIs tied to financial services, stolen keys can be used for unauthorized transactions.
Denial of Service (DoS) Attacks: Hackers can use your key to overwhelm the API with requests, rendering it unusable for legitimate users.
Reputational Damage: A compromised API can damage your brand’s image and erode user trust.

Keeping Your Keys Safe: Here are some essential steps to ensure your API keys remain secure:

Never Store Keys in Source Control: This might seem obvious, but it’s a surprisingly common mistake. Version control systems like Git are not designed for storing sensitive information. A single accidental push can expose your key to the entire world.
Leverage BuildConfig (Android — Still Not Secure): For Android development, Google recommends using Gradle’s BuildConfig to manage API keys. This allows storing them outside your source code, accessible only within the compiled application. Here’s an example:

`apiKey = BuildConfig.apiKeyGem`

private val generativeModel = GenerativeModel(
        modelName = "gemini-1.5-pro-latest",
        apiKey = BuildConfig.apiKeyGem,
    )

Server-Side Retrieval (Still Not Secure): While tempting, fetching your API key from a server at runtime is not foolproof. While it removes the key from your app code, a compromised server can still expose it. This approach is only marginally better than embedding the key directly.

The Recommended Approach:

The most secure solution is to utilize a backend server as an intermediary. This server acts as a gatekeeper, securely storing your API key and handling communication with the external API. Your mobile app interacts only with the backend server, eliminating the need to embed the key directly:

Mobile App -> Secure Backend Server (with API key) -> External API

Additional Security Tips:

Implement access controls: Restrict access to your API based on roles and permissions.
Monitor API usage: Keep an eye on unusual activity patterns that may indicate unauthorized use.
Rotate API keys regularly: Change your keys periodically to minimize damage in case of a breach.
Consider additional security measures: Explore multi-factor authentication and other advanced security techniques.

By following these practices, you can effectively safeguard your API keys and prevent a security breach from derailing your app. Remember, security is an ongoing process. Stay vigilant, keep your tools updated, and ensure you prioritize the safety of your users’ data and the integrity of your app.

1.4 Have GenAI Create an App Icon

Design an app icon that is 512x512 pixels in 32-bit PNG format. Ensure it is clear, professional, and represents your app well.

You can be as creative or professional as you need to be

Import your icon by setting the “Image Asset” in Android Studio …

Set and Scale your App Icon using Android Studio

Create a directory in your Google Drive folder for the App and place all the AI generated content in the folder.

1.5 Have GenAI Write a Compelling App Description

Create a video of you app working. Give this to GenAI and ask it to generate an Ad copy for the video.

It will generate a concise and engaging description of your app, highlighting its features, benefits, and unique selling points. Use relevant keywords to improve discoverability.

Here we see Gemini analizing the video:

Gemini can “watch” videos and give a summary.

You can try it with our WindWaveSnow video.

Gemini generating a description for our app.

The app can display various weather conditions, including wind speed, wind direction, wave height, rain, snow, and sunshine. The AI generates graphics for each weather condition, such as falling snow and rain.
Overall, the app is a convenient way to get weather information for different locations. — Gemini Generated Discription.

1.6 Prepare Screenshots and Promotional Graphics

Prepare screenshots of your app in use. These should be high-quality images showing key features and functionality. Additionally, create a feature graphic (1024x500 pixels) and, optionally, a promo video.

You can use Gemini to make some banner graphics about your App. Here is some fun graphics for WindWaveSnow.

Step 2: Set Up a Google Play Developer Account

To publish apps on the Google Play Store, you need a Google Play Developer account.

2.1 Sign Up for a Developer Account

Go to the Google Play Console and sign in with your Google account.
Pay the one-time registration fee of $25.
Complete the account details, including your developer name and email address.

2.2 Accept Developer Agreement

Read and accept the Google Play Developer Distribution Agreement.

Step 3: Create a New Application in the Google Play Console

3.1 Start a New App

Log in to the Google Play Console.
Select “All apps” and click on “Create app.”
Enter your app’s name, choose the default language, and specify whether it’s an app or game and if it’s free or paid.
Click “Create.”

3.2 Complete the App’s Store Listing

Fill in the required information, including:

Title: Your app’s name.
Short Description: A brief summary of your app.
Full Description: Detailed information about your app.
Screenshots: Upload high-quality screenshots.
Feature Graphic: Upload your feature graphic.
App Icon: Upload your app icon.
Promo Video (optional): Link to a YouTube video showcasing your app.

Step 4: Upload Your App Bundle or APK

Prepare your app bundle (.aab) file using Android Studio. The app bundle is preferred as it allows Google Play to optimize and deliver the app to users efficiently.

We keep all our info in Google Docs because we are a small fish and not a target for hackers. This keeps our info safe but easy to find.

This will make a <App Filename>.aab file in your release directory

This we upload to the Google Play Store:

Note for 2024:

Google Play Store enforces a min target API level.

4.2 Privacy Policy

Set you Privacy Policy found in the → Policy and Programs → App Content

We do not collect or store any user data … easy!

4.3 Review and Release

Review the information and click “Save.”

So exciting … your app is now in review … and on it’s way to distribution!

App Release Checklist

This document outlines the essential steps required to prepare the AshBike app for a production release on the Google Play Store.

1. Code Review and Finalization

[ ] All @Preview annotations have been removed from the UI Composables.
[ ] All @VisibleForTesting annotations have been removed from classes and methods that are not intended for testing in the release build.
[ ] The ForegroundService.kt logging has been updated. Specifically, all Log.d calls should be conditional to a debug flag.
[ ] All TODO comments have been resolved or re-evaluated for the release.
[ ] Ensure that a final code review has been conducted by at least one other developer.

2. Configuration and Build Settings

[ ] In build.gradle.kts, the versionCode has been incremented.
[ ] In build.gradle.kts, the versionName has been updated (e.g., from 1.0.0-beta to 1.0.0).
[ ] The proguard-rules.pro file has been reviewed to ensure proper obfuscation and minification without breaking app functionality.
[ ] The AndroidManifest.xml file has been reviewed for any debug flags (android:debuggable), and these are set to false for the release build type.

3. Localization and Resources

[ ] All strings in strings.xml have been reviewed for correctness and clarity.
[ ] All necessary translations for supported languages have been provided.
[ ] All drawable resources (icons, images) are optimized and correctly sized for different screen densities.

4. Testing

[ ] The app has been thoroughly tested on a range of physical devices, including various screen sizes and Android versions.
[ ] All core functionalities (start/stop ride, data reset, data saving) work as expected.
[ ] The foreground service notification appears and functions correctly during a ride.
[ ] The app handles location permission changes gracefully.
[ ] Battery usage has been profiled and is within acceptable limits for both active and passive modes.

5. App Signing and Bundle Generation

[ ] The app is signed with the official release keystore.
[ ] A final Release AAB file has been generated for the AshBike module.
[ ] The .aab file has been analyzed using the APK Analyzer in Android Studio to confirm:
[ ] The package name is com.ylabz.basepro.applications.bike.
[ ] The classes.dex files only contain the code for the AshBike app and its core dependencies.
[ ] The AndroidManifest.xml correctly declares the app's components and permissions.

6. Store Listing and Metadata

[ ] App screenshots and a promotional video have been prepared.
[ ] The app description, title, and keywords are finalized for the Play Store listing.
[ ] The privacy policy URL is updated and accessible.
[ ] Content ratings and target audience are correctly configured.

7. Rollout

[ ] The AAB file is uploaded to the Google Play Console.
[ ] A phased rollout is configured (e.g., 5% rollout) to monitor for crashes or issues.
[ ] App vitals and crash reports are actively monitored during the rollout.

Google guild to releasing an App to the Google Play Store

Prepare your app for release | Android Studio | Android Developers

Learn how to build a signed, release-ready APK. This process is the same for all Android apps.

developer.android.com

Release | Google Play Console

Play Console tools can help developers publish, manage, and release apps successfully. Explore these mobile app launch…

play.google.com

The official Android documentation page on preparing apps for release serves as a comprehensive guide for developers to transition their app from a development state to a production-ready state. It outlines the crucial steps that ensure an app is secure, performant, and correctly packaged for distribution on the Google Play Store.

The page is structured around four key areas:

Configuring Your Build: This section emphasizes the importance of setting a proper versionCode and versionName to manage app updates effectively. It also details how to configure release and debug build types, highlighting that release builds should have code shrinking (via R8) enabled to minimize the app's size and obfuscate the code.
Signing Your App: A secure app signing key is mandatory for all apps on Google Play. The guide explains how to generate a signed APK or Android App Bundle (.aab) using the built-in wizard in Android Studio. It differentiates between the insecure debug key used for development and the official release key required for public distribution.
Testing Your Release Build: The documentation strongly recommends performing final quality assurance on a release build of your app. This is to catch any issues that might arise from code shrinking and optimization. A key point is to test on various physical devices and Android versions to ensure broad compatibility. It also highlights the recent requirement for apps targeting Android 15+ to be compatible with 16 KB memory page sizes.
Creating and Analyzing the App Bundle: The document strongly encourages developers to build and upload an Android App Bundle (.aab) rather than a traditional APK. It explains that this allows Google Play to deliver optimized APKs to individual users, leading to smaller downloads and installs. The APK Analyzer tool in Android Studio is recommended to inspect the contents of the final bundle or APK to confirm that everything is correctly packaged.

Conclusion

Submitting your app to the Google Play Store involves careful preparation, compliance with guidelines, and thorough testing. Following this guide will help you navigate the process smoothly and get your app ready for millions of users. Good luck with your app submission!

Note 2024 Update: everyone needs to verify accounts: