AFAIK Android decompilation allows one to extract every bit of information from an apk.
How can I store information like ftp passwords or other confidential strings in Java or any other XML file? Is there any way other than calling a service?
String uname = "mks";
String arrayOfString = new String; arrayOfString = "mks"; arrayOfString = ("my" + "pass" + "word");
You're talking about obfuscating a string here. One of the easiest ways to accomplish this is to split it up into multiple parts in your code, and then combine these together to make the final result. All your strings are still present, but they will be hard to put back together again.
For example, if the password you're trying to hide is "102938475601", here's one way to do it:
// Declare the parts String part2 = "3847"; String part1 = "1029"; String part3 = "5601"; // Log in to the server ftpServer.sendLogin("username", part1+part2+part3);
This is a very simple form of obfuscation. If you're more keen on protecting the data, you could try additional methods such as encrypting the password with a non-standard form of encryption, and splitting the key up as described above.
But ultimately you're correct - there's no guaranteed way to package data in an Android app without it being accessible to anyone who decompiles the app. All you can do is make it harder for them to interpret whatever data they can find.