App Certification

Your app’s signature is a certification method where you can prove that you can sign an APK with the same signature as the app you are trying to certify. App certification can be performed using one of three methods.

1. Android Developer ID

Use your Google Play Store's account email to upload the app. Catappult will check the email address legitimacy and validate the ownership of the app.

2. Email

Insert your email to upload the app. If you have access to your Google Play account, a link will be sent to it for confirmation (the link is valid for a short period of time).

3. Via Signature

On Catappult's console, download the dummy APK file to sign and upload it back to the platform. The signature must match the one on the app you are trying to certify.

All you need to do is:

  • Create Keystore
  • Go to your app in Catappult
  • Download blank APK
  • Sign the blank APK
  • Upload the signed APK

You can check for more information here: Certify an app via signature - MacOS X / Linux / Certify an app via signature - Windows 10 / Certify an app using Unity.


How long does it take for my app to be certified? And trusted?
Catappult may take up to five business days to review the app certification request. During this period, you can i) change the information of your app, such as the title, description or screenshots; and ii) submit new apps for certification.
Catappult does not guarantee an exact response time for the trusted app certification, as it depends on the tests performed by the Security Team.

Why was my app certification denied?
The certification depends on the method applied.
When using Android Developer ID, make sure you have access to the email address connected to your app - public on Google Play Store. For the Sign APK method, please use the same signature as in the app you are certifying.
Nonetheless, your app might have been rejected due to non-compliance with Catappult's content guidelines, quality standards, app performance or stability issues and/or the presence of malicious code (malware, adware, phishing or similar).
Please, see our content restrictions for more detailed information.