Probably, I took it apart and had a quick look but couldn't find the key. I only had a quick scan of the Application and Activity classes though and did a search for Parse.initialize (where the key is passed in)

Ok, I took another look and all the Parse keys are in a very obvious place!

I'm interested in how you can conceal these API keys in Android, there does not seem to be any recommended approach.

Obscure methods like wrapping them up in C native code get mentioned. I'm assuming Proguard does not help?