Dealing with Pirated App Users

Back in the days when Android didn’t offer In-App upgrades, app developers usually offered two apps for the same product: a free one with limited functionality and a paid one which unlocked every feature.

This is exactly what I did with the Remote Control Collection. Allthough I integrated In-App upgrades into the free app as they became available, I still maintain the standalone Pro Version of the app.

APK Piracy

As you know for sure, you can basically get any paid Android Application Package by searching for “(app name) pro apk”. When you’re gaining a growing user base, APK files from your own apps will pop up. And there’s nothing you can do about it.

Image for post

Just like expected, the Remote Control Collection Pro was no exception. When the first APK files appeared online, I contacted the file hosters and asked them to remove the files. They removed them every time and added the hashes to a blacklist, but of course people just zipped the APKs and re-uploaded them.

It’s a cat and mouse game that you, as an indie developer, can not win. But I didn’t want it to stay that way. I’ve spent way too much time with builing this product, I wasn’t willing to accept the fact that anyone can simply download a pirated APK and get access to the premium features of my app. So I ended up doing the following.

Detecting Pirated App Installs

At first I needed to get an idea of how many people actually use a legit version of the app and how many don’t. I created an update for the Pro Version that ran the following code once the app was opened:

I used Google Analytics Event Tracking and decided to not perform any action in case of an untrusted installation yet. But how to detect if an installation is trusted or untrusted? My magic looks like this:

I used the Android Package Manager to figure out the package name of the application that installed my app. I also tracked these package names to see where my app installs are coming from.

When I checked my Google Analytics dashboards a few days later, I was shocked. More than half of my users pirated the app. 55.72% to be exact. I don’t need to tell you how much extra revenue that would be if everyone would have purchased the app.

Handling Pirated App Installs

Once a user opens the app, I know if it’s a legit install or not. Now what? Kindly ask them to pay? Instantly kill the app? Secretly send some SMS to my own 0800 number?

I figured that the best thing to do would be to simply downgrade the app back to the free version, while also letting the user know why. To give you an idea of how the (legit) Pro Version looks:

Image for post
Legit App

But if I’m sure that the user pirated the app, by checking the installer ID as mentioned above, I’ll tweak the UI a bit:

Image for post
Pirated App

This basically leaves the user with the features of the free app. Oh, and the user will see twice as many ads as they would in the free app. There has to be some punishment, right?

In the long term, this worked out pretty well. The percentage of sessions from pirated app users dropped to 45.82% (people are still trying), while my ad revenue increased by 4% (due to the fact that the free app generates far more impressions).

Written by

Lead Software Engineer at neXenio

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store