Note: We’ll decline all APKs with ‘debug’ certificate, which are not safe. Trusted Badge Official records from APKPure and Google Play confirm that the developer used a trusted and verified digital signature. The downloadable file is original and it has not been modified in any way. Why using SHA1 to check the identification of certificate is safe?
That’s a cryptography problem. Please refer to the following authoritative information to check the reason. How do we make sure the updated Apps are real and created by the respective developers? All appforpc1.com apps are verified prior to publishing. We make sure that the cryptographic signatures for new versions of all previously published apps match the original ones, which means we know if the new version APKs were signed by the real devs or someone pretending to be them. For new apps that have never been published on appforpc1.com, we try to match the signatures to other existing apps by the same developer.