Hacker News
by igneo676 1658 days ago
The real Google response would be - it's to facilitate a migration to new signing keys in case the developer:

1. Loses their signing keys

2. Needs to migrate to a better signing algorithm

Google can just handle that on your behalf. Additionally, there's no more need to care about signing keys at any point in the development pipeline. Rather than keep it secret, anyone with proper access to the Google developer console can sign and release apps.

More cynically, what they're really guarding against is other app stores. It's MUCH harder to migrate an app from the Play Store to another store if the signatures don't match.

* Without a matching signature, the user can't pull their data from Google in the same way. They'd have to completely uninstall and reinstall the app, potentially losing data if the app isn't backed by a server.

* With a matching signature, the other app store should pick it up seamlessly.

Modifying apps without opt-in seems like a step further than they'd be able to pull off without massive backlash right now.

1 comments

Frog leaps out of boiling pot, this news and more at 11.