Top 3 most common Android Security rules

Android Security Rules

1. Don't save your API Keys as a constant in code because this makes it easy for people to reverse engineer your app and find them. Instead, save them in a local Gradle properties file and restrict them server-side as much as possible because you can't completely prevent reverse engineering.

2. Keep your dependencies UP-TO-DATE

   Unless something else forces you to use an earlier version, you should usually update dependencies, which can help to fix vulnerabilities.

3. Do not save passwords and tokens in SharedPreferences; instead, use the encrypted SharedPreferences from the JetPack crypto library.