Silent Security Risk: Google API Keys Quietly Grant Gemini Access on Android

A newly uncovered flaw in Google’s API key system is putting Android applications at risk. According to a CloudSEK advisory published on April 8, the issue allows existing API keys to silently access Google’s Gemini AI platform without developer knowledge or user consent. This means that millions of Android users could be exposed to data breaches, unexpected costs, and service disruptions.

The vulnerability revolves around Google’s long-standing API key format, originally designed for public-facing services like Maps and Firebase. When the Gemini API is enabled in a Google Cloud project, existing keys automatically gain access to AI endpoints—no notification, no warning. This quiet shift creates a widespread risk that many developers are unaware of.

How the Google API Keys Gemini Access Flaw Works

CloudSEK’s research analyzed 10,000 Android apps using its BeVigil platform. The team identified 32 active keys across 22 applications, which collectively account for more than 500 million installs. In one confirmed case, researchers accessed user-uploaded audio files from an English-learning app via the Gemini Files API. The data included file metadata, timestamps, and accessible links—clear evidence that private content could be retrieved using exposed keys.

This behavior marks a departure from earlier Google guidance, which stated that such keys were safe to embed in client-side code. Developers who followed those recommendations may now be unknowingly exposing credentials linked to advanced AI systems. As a result, the Android app vulnerability is not just a theoretical risk—it’s a practical threat.

The Financial and Security Implications of API Key Exposure

The risks linked to this flaw are substantial. Attackers can access private files stored in Gemini, generate unauthorized API usage leading to financial losses, and disrupt services through quota exhaustion. Real-world incidents highlight the potential impact: one developer reported $15,400 in charges within hours of a compromised key being exploited. Another organization faced losses of $128,000, despite implementing security controls.

Furthermore, the mobile ecosystem amplifies the threat. App packages can be easily downloaded and analyzed to extract embedded keys. Many of these keys persist across multiple versions, increasing long-term exposure. This means that even if a developer updates their app, old keys may still be vulnerable.

What Developers and Users Should Do Now

CloudSEK’s advisory is clear: this is a structural flaw. ‘Google merged the concept of public keys with server-side AI secrets,’ the researchers wrote. ‘Enabling Gemini should have triggered a mandatory key restriction or forced the creation of a new, scoped key.’

Therefore, developers must take immediate action. First, audit all Google Cloud projects to identify which keys have Gemini API access. Second, rotate any exposed keys immediately. Third, restrict API access to only the services required. For users, the best defense is to keep apps updated and monitor for unusual activity.

Infosecurity Magazine has reached out to Google for comment on these findings, but has not received a response at the time of publication. In the meantime, the Android app vulnerability remains a pressing concern for the entire mobile ecosystem.

For more on AI security, read our article on Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code. Additionally, learn about best practices for securing cloud APIs.

Image credit: Nwz / Shutterstock.com