AAB files, what are they and what are they for
AAB files, what are they and what are they for
The APK format (Android App Package) is no longer the standard for Android devices: As early as August 2021, the Google Play Store confirmed the obligation to use the AAB file format ( Android App Bundle) for new applications.
This is undoubtedly an important change in the world of Android, with long-term consequences that could completely change the way we relate to this operating system, which however has not even been noticed by most end users.
In this article we will therefore try to clarify the AAB files, emphasizing the differences with the APK files and highlighting the advantages and disadvantages of this new standard.
Android App Bundles: What are they?
AAB (Android App Bundle) is a modular packaging format for Android applications introduced by Google in 2018. Like an APK, an AAB package contains the code of Android applications as well as the resources that are part of it, such as images, audio, and other multimedia content but also translations into different languages.
Once the development of the app is completed, the developers upload it to Google Play, which in turn manages the generation of the package signing keys in the cloud. The latter are then downloaded by users via the Play Store in APK format, just like in the past.
APK files: what they are and how to install them on your Android
So if on the end user side there is apparently no difference, why is the transition to the AAB standard so relevant in the world of Android and why does it play a crucial role in reducing the size of applications downloaded from the Play Store?
AAB vs APK: all the differences
As already mentioned, the AAB and APK formats have two main differences, respectively in the distribution of resources and in the generation of signature keys. To better understand them, let’s take as an example an application that contains, within the package resources, the following elements:
Italian and Chinese language
Let’s assume that the end user who wants to download the app has a smartphone that only supports FHD resolution and has set Italian as the default language. By downloading a “classic” APK, the user will receive all four of the resources mentioned in the package, including those not supported by his device.
By downloading an application uploaded to the Play Store in AAB format, Google will instead return only the necessary resources, creating an ad hoc APK package for each user’s needs called split APK. Returning to our example, there will be no need to increase the weight of the app with 4K content or files containing Asian languages.
Obviously, if our hypothetical user decides to learn Chinese and sets it as the default language on his device, Google Play will take care of updating the application’s split APK by adding the requested functionality.
The second major difference between AAB and APK concerns signing keys, which in the case of Android App Bundles are managed directly by the Play Store. The signature keys have security purposes and are used to verify the possible compromise or tampering of a package by malicious people.
In the case of the AAB, therefore, it will be Google itself, and no longer the developer, who will sign the application package downloaded by users. The security of these signature keys is guaranteed by Google’s Key Management System, a secure and functional in-cloud structure.
To configure app signing by Google Play, developers will need to :
Create an upload key and sign the app package;
Prepare the release and change the signing key in the app to the key generated by Google;
Register your Google Play app signing key with your API provider if your application requires it.
Advantages and disadvantages of AAB files
The most obvious benefit to end users of using the AAB format is the reduction in the size of app packages, although there seems to be no consensus estimate of the actual impact of this new format.
In 2018 Dom Elliott, Product Manager at Google Play, estimated in a Medium article a 35% reduction in the size of app packages thanks to the AAB format, specifically designed to solve the problem of excessive app weight, which has a negative impact on download and usage statistics by the user.
In a 2021 post, Google lowers this estimate to 15%. In any case, the transition to a dynamic and modular system for downloading resources linked to an app represents an advantage in favor of AAB files, even if more limited than initial expectations.
This new format also guarantees developers faster application updates, since specific features can be targeted to different categories of devices, thus also reducing the risk of errors and internal incompatibilities. Just to further facilitate this process, Google has recently introduced a system of performance classes for Android devices.
Instead of uploading Pro and Lite versions of the same product to the Play Store, or separate applications based on the target language, developers will be able to upload a single AAB file containing all resources via Android Studio or the command line. The Play Console will allow the upload of packages up to 150MB, with the possibility of extension up to several GB via game asset packs.
However, there are some disadvantages to using AAB files, mainly due to the very nature of Android as a system that is open to installing third-party content. The changes introduced in the signing keys make Play Store apps and updates from other stores, signed by the developer and not by Google, incompatible with each other.
The fact that Google now holds app signing keys also raises some security concerns. The transparency code of the Mountain View company is sufficient not to raise alarms, reports XDA Developers, but in any case, there is a potential, even if very low, risk of a data breach or tampering with permissions:
In the traditional model of distributing apps via APK, Google can’t modify apps without changing the signature. […] With App Bundles and app signing, Google could silently inject its own code into apps before distributing them. The signature would not change because Google would still own the signing key.
It should be specified that the latter possibility is extremely remote: as demonstrated by the recent choices made by the company in Russia, it is more probable that Google withdraws altogether from a market where transparency conditions are not respected rather than authorizing this type of tampering.
The Future of Android: The End of Sideloading?
As already mentioned, using AAB files complicates sideloading procedures in the case of updates or beta versions of Play Store apps. Thinking about the long-term prospects of Android, however, this progressive centralization could endanger the activity of sideloading in its entirety.
While Google doesn’t seem intent on ending sideloading in the same way Apple does, which hinders this practice in every possible way, the progressive replacement of the APK format by AAB undoubtedly makes it more difficult to find and download app packages in this new format out of the Play Store.
However, there are third-party sources such as APKMirror and APKPure who have found a way around this problem, by creating alternative packaging formats such as APKM and XAPK, which also contain basic APK files and extra resource packs, which can be installed using applications such as Split APKs Installer.
