How to securely use service account credentials in an Android App
I have an Android application distributed to my users through an .apk file. That app collects some data, and my goal is to upload that data to a cloud service, like BigQuery. To achieve this, I am using my BigQuery's service account credentials, and at this moment, they are hardcoded into my code. I thought about encrypting them, but the encryption/decryption keys would be stored in the app anyways.
I am a Junior developer and I've done some extensive research on this, but couldn't find any solutions. It feels like every option has room for hackers to steal my credentials.
Is there a solid way to deal with this? Is using service accounts the best approach here? Which solutions can I search for?
I'd already be very happy if anyone would at least point me in some direction, give me a topic to search, or anything.
Thanks in advance!
