However, the names of Android components remain unchanged and some code, like key-values used in the app, remains unchanged. When I reverse engineer an APK file generated using a signed keystore and Proguard, I get obfuscated code. I have used the Proguard tool provided with the Android SDK. It's very easy to reverse engineer an Android APK file - for more details see Stack Overflow question Reverse engineering from an APK file to a project. zip then they can unzip it and easily access all the app's resources and assets, and using dex2jar and a Java decompiler, they can also access the source code. I am developing a payment processing app for Android, and I want to prevent a hacker from accessing any resources, assets or source code from the APK file.