What are AAB files for Android and how are they different from APKs?

Since the launch of Android more than ten years ago, APK files have been THE universal format for applications. It doesn’t matter if you are a developer or a user, if Google Play Store, APKMirror or EFNet is loaded, it is always APK. For developers, AABs are now required, and for Android users, APKs are more complicated.

The AAB obligation applies to all new apps as of August 2021. Developers can still upload updates for existing apps in APK format, so nothing will change here for now.

androidpit Best Apps 2015

APK or Nothing: In 2015 it was even easier with apps. / © NextPit

What are AAB files anyway?

“ABA” stands for android app bundle. All the code of the Android application program is stored in the AAB file. As soon as the development is complete, the developer uploads his app in AAB format to the Google Play Store, and you download it from there to your smartphone as usual.

At first glance, nothing changes at all, and not even at second glance. Because if you click “Download” on the Google Play Store, your smartphone will still download an APK file. So why all this nonsense?

What is the difference between AAB and APK files?

AAB files are custom made.

The difference between APK and AAB files is in what is called resources. Resources in an application are anything that is not programming code, such as images, language files, or music. If you now press the “Download” button of an application in the Play Store, Google will send you an APK file adapted from the AAB file for your device with only the resources you need.

Legacy APK vs. Dynamic Delivery

In the future (right), the downloaded APK file will only contain those resources that are required by the respective end device. The Netflix app, for example, was able to be reduced by more than half. / ©Google

Does your smartphone only have Full HD+ resolution? Then you get an APK without 4K material. Have you selected English and German as the device language? You probably don’t need Suomi. By the way, with the help of the Google toolkit, AAB files can also be converted locally to APKs.

Signed by Google instead of the developer

Another big difference is the signing of the applications. In the past, it was always the developers of an application who signed it with their developer key. This key can be used to check during installation on the smartphone whether the app has been compromised and, for example, contains malware, or has been activated for features that are otherwise subject to a charge.

2x application signing self-management diagram

This is how it used to work: the developer would sign the app with their key, upload the app, and Google would deliver it. Now the key is in Google. / ©Google

In the future, it will not be the developer who will sign the APKs, but Google, that is, by generating the APK files from the AABs. Logically, the keys will no longer be in the future in the developers, but in Google.

Are AAB files better than APKs?

Smaller file sizes than APKs

The first big advantage of AAB files is obvious: APKs generated this way are smaller. Google wrote in October 2018 that an average of 35 percent can be saved this way. At first glance, that doesn’t sound like much, but given the many app updates, it could eventually be put to good use.

Better protection for applications

Another benefit, especially for developers, is increased security. It will probably be more difficult to mod apps in the future, but the mod scene is unlikely to be excited about it. Who knows, maybe this will reduce the number of cheaters in AmongUs, even if I don’t really think so until now.

By the way, the Lite and Pro versions on the Play Store should also go away with the AABs. It used to be possible to install a paid Pro version after purchase thanks to the same signature as an upgrade over the Lite version. With AAB and the signing of Google, that is no longer possible; instead, developers have to switch to in-app purchases.

apk split delivery

Depending on the device, Google only includes the necessary components in the APK file. Due to the lack of x86 architecture, the Pixel 2 XL can do without corresponding modules. / ©Google

Easier upgrades and development

If APKs are assembled individually depending on the user or their hardware, this brings advantages for developers. As NDTV reports, thanks to the AAB format, updates can be played on specific devices at specific times. This is an advantage, especially given Android’s massive fragmentation, and could prevent broken updates or mitigate their effects in the future.

Even the development itself becomes easier. In the past, many developers have already uploaded multiple versions of APKs for their app to the Play Store, customized for different regions, languages, or processor architectures. In the future, developers will only need to upload a single universal AAB file.

Are AAB files worse than APKs?

AAB Files and Sideloading Mayhem

However, there are also disadvantages, in particular due to the signatures mentioned above. Do you want to download the new WhatsApp beta through APKMirror and try new features? Forget it, because APKMirror uses a different signature here than the Google Play Store. Sideloading apps on various third-party app stores might become a nightmare in the future. Hello, Windows 11 with APK and without AAB support.

Of course, you can simply uninstall the app and reinstall it on your smartphone from another source. But then you have to backup all the data and then import it again, depending on the application with more or less effort.

android applications windows 11

Microsoft has just announced APK support for Windows 11. / ©Microsoft

AAB gives power to Google

It can also be critically seen that in the future the signatures will be in the hands of Google. If the servers were ever hacked here, all the apps would be insecure in one fell swoop. And as fellow XDA-Developers explain: Google also has the power to switch apps on its own thanks to developer keys. Theoretically, if a government were to put the screws in Google, a backdoor could be built into a secure messenger without the developers’ knowledge.

Yes, Google attaches great importance to security. And yes, Google is more likely to withdraw from a market than to give in to the morally dubious wishes of the government there. But one thing is for sure: Google simply gets more power with AAB files. There is also an interesting discussion on this topic on StackOverFlow.

Correcting errors becomes more difficult

Another downside still affects app developers themselves and bug fixes, as developer Mark Murphy writes on Commonsware. If an individual user is having trouble with an app that the developer can’t reproduce, there used to be a simple remedy: Tailor the app, push it to the user, let them update the app with it, and hope the bug goes away. However, this was only possible because the developers were able to sign the apps themselves.

By the way, on Medium.com you have Android Developer Advocate Wojtek Kaliciński commented on many of the above points and other points of criticism.

AB: Yes or no?

The bottom line is that the AAB obligation shouldn’t change much for most users; otherwise we would have noticed something about it. After all, a large proportion of the top 1000 apps on the Google Play Store are already uploaded by their developers like AAB, although this is not required.

But the AAB format could spoil the fun of Android for fans, hobbyists, and one developer or another. After all: Google is not Apple and it is still possible to certify apps outside of the Play Store. Google hasn’t put an end to sideloading (yet). But Mountain View is working hard to consolidate the monopoly of the Google Play Store.