Google disables Jelly Bean app encryption after issues with several paid apps

One of the key features in Android 4.1 Jelly Bean is that it automatically encrypts paid applications with a device specific ID, which ensures an app downloaded on a device can only be used on that particular device. This was created to combat the rampant piracy that has been seen on the Android platform.

Unfortunately, while the idea is excellent, the execution is not, as several developers and users of paid apps have found out.

The problem exists with the way the encrypted applications are downloaded and installed. In Jelly Bean, Google Play Store installs the application in the /mnt/asec folder (which is encrypted) instead of the /data/apps folder. When the OS boots, a service cache is generated for all the installed apps. Unfortunately, this process happens before the /mnt/asec folder is mounted, because of which the the OS cannot find the settings and other user profile data for the app, which causes the paid apps to reset and their data to be cleared every time the phone is rebooted.

There doesn’t seem to be any real solution to this problem at present, which has resulted in the encryption feature being disabled by Google. Since this is something only found in Jelly Bean, those running older versions of Android were never affected by it.

While it might seem like an oversight on Google’s part, as Android Police mentions, Google was actually aware of this issue since last month and instead of acting on it on a priority basis it was relegated to a medium priority status, something to be fixed in the next version of Android.

Hopefully, the system will be fixed and be back online. Not that it matters, because even with a fully functioning system Google can’t stop the various ways in which you can get and sideload pirated apps on Android.

Source