Tags: android, security, penetration-testing

Signing an apk. Is this a measure of securing against penetration attacks?


My questions:

When I am signing my apk for release, is a checksum number created to secure my apk against penetration attacks?

So if someone gets his hands on my apk and is able to open it and change the code, will the signature change?

Will I know that it has been altered?

Thank you, in advance.


Solution

  • If someone gets his hands on my apk and is able to open it and change the code, will the signature change?

    Yes.

    So that I know that it has been altered?

    Not usually, as usually part of the changes of the code will be to remove any tamper-detection code that you added. An inexperienced crook might tamper with your app and leave your tamper-detection code in there, but you should not assume that this will be the case.

    Mostly, it is implemented because the tampered APK cannot be used to upgrade an existing installed APK, as the signatures do not match.

    Also, if you have a suite of apps:

    • If you are using signature permissions to secure communications between those apps, the tampered app will not be able to participate in those communications

    • Apps in your suite could check the signature of other apps in your suite and detect the tampering (assuming that those apps themselves were not tampered with)
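The second suite-level check above (one app inspecting the signing certificate of another app from the same suite) can be implemented as follows. This is an added illustration and not code from the question or the answer; the class name, the method names and the placeholder digest `EXPECTED_CERT_SHA256` are assumptions, and the digest must be replaced with the SHA-256 of your own release certificate (for example as printed by `apksigner verify --print-certs your-release.apk`). As the answer notes, this only helps if the app running the check has not itself been tampered with.

```java
import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
import android.content.pm.SigningInfo;
import android.os.Build;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Locale;

/**
 * Verifies that another app in the suite is signed with the suite's release key
 * by comparing the SHA-256 of its signing certificate to a pinned value.
 * Added illustration; not code from the original question or answer.
 */
public final class SuiteSignatureCheck {

    // Assumed placeholder: replace with the SHA-256 (hex) of your own release
    // signing certificate, e.g. from `apksigner verify --print-certs release.apk`.
    private static final String EXPECTED_CERT_SHA256 =
            "0000000000000000000000000000000000000000000000000000000000000000";

    private SuiteSignatureCheck() {}

    /**
     * Returns true only if {@code packageName} is installed, has exactly one
     * signer, and that signer's certificate matches the pinned digest.
     * A tampered APK must be re-signed with a different key, so it fails here.
     */
    public static boolean isSignedWithSuiteKey(Context ctx, String packageName) {
        PackageManager pm = ctx.getPackageManager();
        Signature[] signers;
        try {
            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
                PackageInfo info = pm.getPackageInfo(
                        packageName, PackageManager.GET_SIGNING_CERTIFICATES);
                SigningInfo si = info.signingInfo;
                // The suite uses a single key, so a multi-signer APK is rejected outright.
                if (si == null || si.hasMultipleSigners()) {
                    return false;
                }
                signers = si.getApkContentsSigners();
            } else {
                signers = legacySignatures(pm, packageName);
            }
        } catch (PackageManager.NameNotFoundException e) {
            return false; // the other app is not installed
        }
        // Require exactly one certificate; never accept "any of the signers matches".
        if (signers == null || signers.length != 1) {
            return false;
        }
        String actual = sha256Hex(signers[0].toByteArray());
        return EXPECTED_CERT_SHA256.equalsIgnoreCase(actual);
    }

    @SuppressWarnings("deprecation")
    private static Signature[] legacySignatures(PackageManager pm, String packageName)
            throws PackageManager.NameNotFoundException {
        // Pre-API 28 path. GET_SIGNATURES returns every signer of the APK, which is
        // why the caller insists on exactly one instead of looking for any match.
        return pm.getPackageInfo(packageName, PackageManager.GET_SIGNATURES).signatures;
    }

    /** Hex-encoded SHA-256 of the DER-encoded certificate bytes. */
    private static String sha256Hex(byte[] der) {
        try {
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(der);
            StringBuilder sb = new StringBuilder(digest.length * 2);
            for (byte b : digest) {
                sb.append(String.format(Locale.ROOT, "%02x", b));
            }
            return sb.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException("SHA-256 unavailable", e); // not expected on Android
        }
    }
}
```

Call `SuiteSignatureCheck.isSignedWithSuiteKey(context, "com.example.othersuiteapp")` before trusting data from, or binding to, the other app. Pinning the certificate digest (rather than just checking that the two apps' signatures are equal to each other) means a copy of the suite where every app was re-signed by the same attacker key still fails the check, as long as the checking app itself was left intact.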