Android App Bundles (.aab) Explained

Join Eugine Tech On Telegram


Google is now introducing Android App Bundles to replace its standard format for app publishing popularly known as APK for its PlayStore. This format was introduced way back in 2018, as a new way to upload apps into Google Play. Fast forward to August 2021, and it is now a strict requirement that all new applications submitted to Google use the format.

To a normal user, Android App Bundles will not be visible as it is the work for developers to make the changes on their end before they submit the app. We’ll talk about how everything works and discuss the pros and cons of the move, but really there is nothing lost or gained for most users. “Most” being the operational word here — if you’re on a data bundle with a low cap or have a very slow connection, you will have slightly smaller downloads when you install an app.

Smaller downloads and shorter download times are great when they make a difference, so that’s good to hear. Let’s take a look at everything you need to know about Android App bundles.

What is an Android App bundle?

The extension .aab stands for (you guessed it) Android App Bundle and is much shorter to type and read, so we’ll be referencing them using this name we are not saying the older extension .apk was not as short as well.

If you like to play around with the system files on your phone or load apps from outside the Google Play store, you probably already know that Android apps use the .apk file format. They still do, but it might not have been uploaded that way if you installed the app through the Play store. Many popular apps are already using this Android App Bundle format, including major developers like Gameloft and Adobe.

Current APK files are made in such a way that they bundle everything a device needs to run an app into one package that you can install. For example, an English speaker installing an app on a smartphone needs different app assets than a French speaker installing the same app on a tablet. But a typical .apk file has both sets of assets (and a lot more) inside of it anyway because it had no idea what parts you’ll need when it was created.

Saving your data bundle

The new Android App Bundle file format comes to solve this issue, at least on the surface. Once a developer is finished writing and testing their app, they can package it up into a big file that contains everything needed to run on every device in every region the developer supports. This file is then uploaded to Google Play, where Google can turn it into an app that only has the assets and files you need to run the app on your device. Of course, this app is still in the “regular” .apk format, and you would never know there was anything different about the way it was uploaded if you didn’t read about it on the internet.

The result here is massive savings in the data used to download the app. But if you are using free Wi-Fi to install apps this may not be a huge benefit for you. It can matter greatly for those data bundles, however, saving download time is never a bad thing.

For Google, which serves a lot of apps to a lot of users every day, it makes a huge difference. Multiply 100Mb times 1,000,000 users, then multiply that number by 365. That amount of bandwidth makes a difference to any company — even Google.

The move to the .aab format doesn’t hurt the end-user and saves Google a ton of money. But there are a couple of other things that need to be mentioned that aren’t so good about it.

Google to sign apps for security reasons

Because .abb packages are turned into installable .apk files in the cloud, the signing is done by Google instead of being signed by the developers. That means the Developer needs to let Google assign a key when the app is created through developer software, or the developer needs to provide Google with their signing key.

Signing keys is a very important aspect of app security, and before the idea of Android App Bundles, packages arose. Google has clearly told developers to never let them out of their possession because it could allow someone else to imitate them as far as the app was concerned. So if you have a developer’s signing key, you can make a malicious update to my app, to add malware.

The possibility that some hacker can breach the Play store and sign malware using the right keys is very unlikely, but it does give Google a little more control than it had in the past. Developers, however, are rightfully concerned about this. Google’s response has been to provide a code transparency system where a developer can include some code in their app, which is later used to check that the app generated by Google matches what they uploaded.

Several people have raised concern that only Google Play supports apps in the Android App Bundle format and third-party app stores face another uphill battle when it comes to adoption. To fix this, Google has made it so that a developer can download an .apk of their app signed with the correct key through the Google Play Developer Console at any time, whether it has been published or not. 

Do you think I have missed some Important information? If so, let me know in the comment section below.

Do you think app bundles are a good replacement for apk files?