Google Play’s app serving model, called Dynamic Delivery, uses Android App Bundles to generate and serve optimized APKs for each user’s device configuration, so users download only the code and resources they need to run your app.
— Android Documentation
Adaptive layouts
Image by
android-developers.googleblog.com
With the growth in the use of mobile devices with different form factors, we need to have tools that allow us to work with our Android applications adapted to different types of screens. That is why Android provides us with Window Size Classes, which, in a simple way, are three large groups of screen formats that mark critical points for us to develop our designs. With this we avoid the complexity of thinking about many screen designs to reduce our possibilities to 3 groups which are: Compat, Medium and Expanded.
Windows Size Classes
Image by
developer.android.com
Image by
developer.android.com
Support different screen sizes
Another important resource that we have are the Canonical Layouts, which are predefined screen designs that can be used for most scenarios in our Android applications and also show us a guide on how to adapt them to large screens.
Other related resources
Form-Factor Training
Localization 🌎
Localization involves adapting a product to meet the needs of diverse audiences in different regions. This includes translating text, adjusting formats, and considering cultural aspects. Its advantages include access to global markets, enhanced user experience, increased customer satisfaction, competitiveness in the global market, and compliance with local regulations.
Note: BCP 47 is a standard used by Android for internationalization
References
Performance 🔋⚙️
Image by
android-developers.googleblog.com
While we develop applications for Android, we must ensure that the user experience is better, not only at the beginning of the application but also throughout its execution. For this reason, it is important to have tools that allow us to carry out a preventive analysis and constant monitoring of cases that may affect the performance of the application, so here is a list of tools that will help you with this purpose:
In-App Updates
When your users keep your app up to date on their devices, they can try new features, as well as benefit from performance improvements and bug fixes. Although some users enable background updates when their device is connected to an unmetered connection, other users might need to be reminded to install updates. In-app updates is a Google Play Core libraries feature that prompts active users to update your app.
The in-app updates feature is supported on devices running Android 5.0 (API level 21) or higher. Additionally, in-app updates are only supported for Android mobile devices, Android tablets, and Chrome OS devices.
— In-App Updates documentation
Image by
developer.android.com
In-App Reviews
The Google Play In-App Review API lets you prompt users to submit Play Store ratings and reviews without the inconvenience of leaving your app or game.
Generally, the in-app review flow can be triggered at any time throughout the user journey of your app. During the flow, the user has the ability to rate your app using the 1 to 5 star system and to add an optional comment. Once submitted, the review is sent to the Play Store and eventually displayed.
To protect user privacy and avoid API misuse, there are strict guidelines that your app should follow about when to request in-app reviews and the design of the review prompt.
— In-App Reviews documentation
Observability 👀
Image taken from
Elastic Blog
In an increasingly competitive app ecosystem, achieving a good user experience begins with ensuring that the app is bug-free. One of the best ways to ensure that the app is bug-free is to immediately detect issues as they arise and know how to start addressing them. Use Android Vitals to identify the areas of your app that have the most crashes and issues with responsiveness. Then, utilize custom crash reports in Firebase Crashlytics to get more details about the root causes in order to troubleshoot the issues effectively.
Tools
Accessibility
Image by
fscl01.fonpit.de
Accessibility is an important feature in the design and construction of software that provides the ability for people with accessibility needs to use the application, in addition to improving their user experience. Some disabilities that this concept aims to improve are: people with vision problems, color blindness, hearing problems, dexterity problems, and cognitive disabilities, among others.
Considerations:
- Increase text visibility (Color contrast, Resizable Text)
- Use large, simple controls
- Describe each UI element
Check Accessibility — Android doc.
Security 🔐
Image by
android.com
Security is one, if not the most important aspect, that we must take into account when developing applications that protect the integrity of the device, the security of the data, and the trust of the user, which is why I list below a series of tips that will help you with this purpose.
- Sign in your user with Credential Manager: Credential Manager is a Jetpack API that supports multiple sign-in methods, such as username and password, passkeys, and federated sign-in solutions (such as Sign-in with Google) in a single API, thus simplifying the integration for developers.
- Encrypt sensitive data and files: Use EncryptedSharedPreferences and EncryptedFile.
- Apply signature-based permissions: Use signature-based permissions when sharing data between apps you have control over.
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.example.myapp">
<permission android:name="my_custom_permission_name"
android:protectionLevel="signature" />
- Do not put keys, tokens, or sensitive data required for your application’s configuration directly inside files or classes that are inside the project repository. Use local.properties instead.
- Implement SSL Pinning: Use SSL Pinning to further secure communications between your application and remote servers. This helps prevent man-in-the-middle attacks and ensures that communication only occurs with trusted servers possessing a specific SSL certificate.
res/xml/network_security_config.xml
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config>
<domain includeSubdomains="true">example.com</domain>
<pin-set expiration="2018-01-01">
<pin digest="SHA-256">ReplaceWithYourPin</pin>
<!-- backup pin -->
<pin digest="SHA-256">ReplaceWithYourPin</pin>
</pin-set>
</domain-config>
</network-security-config>
- Implementa Runtime Application Self Protection (RASP): It is a security technique that protects applications at runtime against attacks and vulnerabilities. RASP works by monitoring the application’s behavior and detecting suspicious activities that could indicate an attack. some of the advantages that RASP provides us:
- Code Obfuscation.
- Root Detection.
- Tampering/App Hook Detection.
- Prevention of reverse engineering attacks.
- Anti-Debugging Techniques.
- Virtual Environment Detection.
- Runtime Analysis of App Behavior.
Look at this article for more information: Runtime Application Self Protection techniques(RASP) in Android Apps. Also some Security guidelines by Android
Version Catalogs
Gradle provides a standard way to centrally manage project dependencies called the version catalog; it was experimentally introduced in version 7.0 and officially released in version 7.4.
Advantage:
- For each catalog, Gradle generates type-safe accessors so that you can easily add dependencies with autocompletion in the IDE.
- Each catalog is visible to all projects of a build. It is a central place to declare a version of a dependency and to make sure that a change to that version applies to every subproject.
- Catalogs can declare dependency bundles, which are “groups of dependencies” that are commonly used together.
- Catalogs can separate the group and name of a dependency from its actual version and use version references instead, making it possible to share a version declaration between multiple dependencies.
see more
Secrets Gradle Plugin
Google strongly recommends that you not check an API key into your version control system. Instead, you should store it in a local secrets.properties file, which is located in the root directory of your project but excluded from version control, and then use the Secrets Gradle Plugin for Android to read the API key.
Logger
A logger is a software tool used to register information about the execution of a program; important events, errors debug messages and other information that may be useful in diagnosing problems or understanding how a program is working. Loggers can be configured to write messages to different locations, such as a log file, to the console, to a database, or by sending the messages to a logging server.
Linter / Static Code Analyzer
Image taken from
https://miro.medium.com/
Linter is a programming tool that is used to analyze the program source code to find potential problems or bugs in the code. These issues can be syntactic, inappropriate code style, lack of documentation, security issues, and so on, and they can have an impact on the quality and maintainability of the code.
Google Play Instant
Google Play Instant enables native apps and games to launch on devices running Android 5.0 (API level 21) or higher without being installed. You can build these types of experiences, called instant apps and instant games, using Android Studio. By allowing users to run an instant app or instant game, known as providing an instant experience, you improve your app or game’s discovery, which helps drive more active users or installations.
— Overview of Google Play Instant
