Below is the answer for 4.3+. This release introduced major changes to the KeyStore and KeyChain classes. See here for more information.
Keystore access is limited by UID - your application is allocated a UID during installation.
This is what prevents other applications / processes from gaining access to your key pair / private key. The keystore daemon enforces this.
This may require the device PIN for additional encryption. See http://developer.android.com/reference/android/security/KeyPairGeneratorSpec.Builder.html#setEncryptionRequired()
The whole point of using software / hardware key storage is to get around the situation you are describing - any hard-coded data in your application can be read by decompiling it, so it is not safe.
@Duncan's reply says that it seems you need to maintain a password. I would advise you to create a key pair using the keystore, and then use it to encrypt the AES key, which you can use to encrypt everything you want (much faster than using the RSA key).
You can get the key from the hardware- or software-backed keystore with keyStore.getEntry(alias, null), without passing any password.
See SecretKeyWrapper.java for a good example.
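The pattern the answer recommends (an RSA key pair in AndroidKeyStore wrapping an AES key that does the bulk encryption, with the entry fetched via getEntry(alias, null) and no password), written out as an added example. This is not the answer's own code nor Android's SecretKeyWrapper sample; it assumes Android 4.3 (API 18) APIs, and the alias "my_wrapping_key" and the SharedPreferences file name are placeholders chosen for the example.

```java
// Added example: RSA key pair in AndroidKeyStore wraps a random AES key; the AES key
// encrypts data. Assumes API 18+; "my_wrapping_key" and "wrapped_keys" are placeholders.
import android.content.Context;
import android.content.SharedPreferences;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;

import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Calendar;
import java.util.GregorianCalendar;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.security.auth.x500.X500Principal;

public class KeystoreWrappedAes {
    private static final String KEYSTORE = "AndroidKeyStore";
    private static final String ALIAS = "my_wrapping_key";   // placeholder alias
    private static final String PREFS = "wrapped_keys";       // placeholder prefs file
    private static final String PREF_WRAPPED_AES = "aes_wrapped";

    /** Creates the RSA key pair once; the private key never leaves the keystore. */
    public static void ensureWrappingKey(Context ctx) throws Exception {
        KeyStore ks = KeyStore.getInstance(KEYSTORE);
        ks.load(null);
        if (ks.containsAlias(ALIAS)) return;

        Calendar start = new GregorianCalendar();
        Calendar end = new GregorianCalendar();
        end.add(Calendar.YEAR, 25);
        KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec.Builder(ctx)
                .setAlias(ALIAS)
                .setSubject(new X500Principal("CN=" + ALIAS))
                .setSerialNumber(BigInteger.ONE)
                .setStartDate(start.getTime())
                .setEndDate(end.getTime())
                // Optional: .setEncryptionRequired() ties the key to the lock screen PIN.
                .build();
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA", KEYSTORE);
        gen.initialize(spec);
        gen.generateKeyPair();
    }

    /** Loads the AES key, generating and wrapping a fresh one on first use. */
    public static SecretKey loadOrCreateAesKey(Context ctx) throws Exception {
        KeyStore ks = KeyStore.getInstance(KEYSTORE);
        ks.load(null);
        // No password: access is enforced by the app's UID, not by a passphrase.
        KeyStore.PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry) ks.getEntry(ALIAS, null);
        PublicKey pub = entry.getCertificate().getPublicKey();
        PrivateKey priv = entry.getPrivateKey();

        SharedPreferences prefs = ctx.getSharedPreferences(PREFS, Context.MODE_PRIVATE);
        String stored = prefs.getString(PREF_WRAPPED_AES, null);
        Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        if (stored != null) {
            // Unwrap inside the keystore provider; the RSA private key stays protected.
            rsa.init(Cipher.UNWRAP_MODE, priv);
            byte[] wrapped = Base64.decode(stored, Base64.DEFAULT);
            return (SecretKey) rsa.unwrap(wrapped, "AES", Cipher.SECRET_KEY);
        }
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey aes = kg.generateKey();
        rsa.init(Cipher.WRAP_MODE, pub);
        byte[] wrapped = rsa.wrap(aes);
        prefs.edit().putString(PREF_WRAPPED_AES,
                Base64.encodeToString(wrapped, Base64.DEFAULT)).apply();
        return aes;
    }

    /** Bulk encryption with the AES key; returns IV || ciphertext. */
    public static byte[] encrypt(SecretKey aes, byte[] plaintext) throws Exception {
        byte[] iv = new byte[16];
        new SecureRandom().nextBytes(iv);   // fresh random IV per message
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.ENCRYPT_MODE, aes, new IvParameterSpec(iv));
        byte[] ct = c.doFinal(plaintext);
        byte[] out = new byte[iv.length + ct.length];
        System.arraycopy(iv, 0, out, 0, iv.length);
        System.arraycopy(ct, 0, out, iv.length, ct.length);
        return out;
    }

    public static byte[] decrypt(SecretKey aes, byte[] blob) throws Exception {
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.DECRYPT_MODE, aes, new IvParameterSpec(blob, 0, 16));
        return c.doFinal(blob, 16, blob.length - 16);
    }
}
```

Call ensureWrappingKey(context) once (e.g. at first launch), then loadOrCreateAesKey(context) whenever a key is needed. Only the wrapped AES key is stored in app-private preferences, so a copy of the preferences file is useless without the RSA private key held by the keystore under this app's UID. CBC gives confidentiality only; if stored data must also be tamper-evident, add an HMAC over IV || ciphertext or use AES/GCM where the platform provides it.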