使用僵尸网络+ APK的Google Maps API密钥滥用

Question

我要做一个应用程序，其中使用谷歌地图API。我们都知道这不是免费的搜索等等。

此API密钥需要保存在应用程序代码中，可以进行逆向工程和提取。

如果有人使用僵尸网络+我的apk文件来排空我的Google Maps帐户怎么办？

Answer 1

如果您的$$密钥不受限制，您可以看到API高额账单。

要进行限制，请按照以下步骤操作：

为API密钥设置应用程序限制

Visit the credentials panel.

Select the API key that you want to set a restriction on. The API key property      page appears.

Under Key restrictions, select Application restrictions.

Select one of the restriction types and supply the requested information following the restriction list.

Android apps    


Add your package name and SHA-1 signing-certificate fingerprint to restrict usage to your Android app.

Below the types, add the SHA-1 signing-certificate fingersprint and your Android package name from your AndroidManifest.xml file.


iOS apps    

Accept requests from the iOS app with the bundle identifier that you supply.

Below the types, select the appropriate iOS bundle identifier from the list.



Click Save.


The restriction becomes part of the API key definition after this step. If you fail to provide the appropriate details or do not click “Save”, the API key will not be restricted.