Why should I sign my apk before releasing to PlayStore?

Question

What exactly is the importance of signing an apk before releasing to the market?

Answer 1

Why?

Developers can prevent someone from tampering with their app.

Sign to protect your app!

This works in the public key cryptography. You are the only one who has the private key. You are the only one who can sign your apps. The user can trust the app being directly from you. It is mathematically proven to be unfeasible to tamper with the app if the private key is not available.

You know, in public key cryptography there are two keys like the sides of a coin. The private and the public key. You keep the private key secret. You lock it away and keep it secure. On the other hand you publish your public key.

These keys are like the sides of a coin because what you encrypt with one key you decrypt with the other key.

And how is this applied for app signing?

Signing is encrypting with the private key.

Because you publish the public key the app store and the users have your public key. They can decrypt your app and therefore know for sure that the app is really your own. Android and the app store does this for them.

The app store verifies the signature by decrypting with the public key.

That's all, folks.