In the BillingService module, what needs to be modified to increase security?

Question

The comment for the class BillingService recommends that:

You should modify and obfuscate this code before using it.

OK, but

Answer 1

No good news here: You need to change anything you can, in addition to using Proguard. This includes merging classes, splitting them, moving certain methods from one module to another, and especially encrypting the purchase information stored into the database, as the description for the PurchaseDatabase class suggests:

You should use an obfuscator before storing any information to persistent storage. The obfuscator should use a key that is specific to the device and/or user. Otherwise an attacker could copy a database full of valid purchases and distribute it to others.

The reason is that with tools like AntiLVL it is very easy to compare your decompiled (obfuscated!) code to the original sample and deduct from it whatever needed to compromise it. It is impossible to completely prevent cracking, but you should try to make it as difficult as possible.