Rename Private Members
| Plan | Platforms | MASVS |
|---|---|---|
| Team | Android | MASVS-RESILIENCE-3 |
Summary
Rename Private Members changes supported private field and method names in Android application code to less meaningful identifiers during protected build creation. This reduces the amount of useful structure visible to decompilers while preserving public interfaces that frameworks and dependencies are more likely to rely on.
Use this control as a practical baseline for Android apps that need stronger resistance to static analysis without the heavier compatibility profile of advanced code encryption.
What It Protects Against
- Reverse engineering that depends on descriptive private method or field names.
- Automated analysis that searches for sensitive naming patterns.
- Fast codebase mapping by attackers who inspect decompiled output.
- Intellectual property exposure through readable private implementation names.
How It Works
AppTego applies the rename during protected build creation and avoids changing public API surfaces that are more likely to be referenced by app frameworks, libraries, or platform tooling. The result is a release artifact where private implementation names reveal less about app behavior.
How to Enable the Control
Navigate to Code Obfuscation from the AppTego portal, and expand the Name Obfuscation section. Under this section you will find the Rename Private Members control. Click Enable to apply it to the next protected build.
API Configuration Example
{
"RenamePrivateMembers": {
"protection": true
}
}| Field | Purpose |
|---|---|
protection | Enables rename private members for protected builds. |
Setup
- Open the AppTego Portal.
- Select the intended configuration version.
- Open Code Obfuscation.
- Enable Rename Private Members.
- Save the configuration.
- Build a protected Android app.
- Run login, purchase, deep-link, reflection-heavy, and native bridge flows before promotion.
Compatibility Guidance
| Area | What to validate |
|---|---|
| Reflection | Code that accesses private members by name can be sensitive to renaming. |
| Serialization and persistence | Validate libraries that infer behavior from field or method names. |
| Native bridges | Test native bridge code that may reference private members indirectly. |
| Dependency injection | Confirm generated or runtime injection frameworks still resolve expected members. |
User And App Impact
Users should not notice this control when compatibility checks pass. Developers may see less descriptive private names in crash traces or decompiled output from protected builds. Keep unobfuscated build artifacts available for debugging and support workflows.