Google tightens Android developer verification

Google is widening its developer verification requirements to include all apps that can be installed on certified Android devices, following a spike in malware for sideloaded software from outside its official Play store.

In a notice to Android developers, Google's vice president for product, trust and growth, Suzanne Frey, said the reason for the verification is to increase developer accountability to prevent abuse from scammy and malware sideloaded apps.

"We’ve seen how malicious actors hide behind anonymity to harm users by impersonating developers and using their brand image to create convincing fake apps," Frey said.

"The scale of this threat is significant: our recent analysis found over 50 times more malware from internet-sideloaded sources than on apps available through Google Play."

The tech giant introduced developer verification for Google Play in 2023.

Frey said the verification will start with early access through invitations in October this year, opening to all developers in March 2026.

Developer verification will be required in Brazil, Singapore, Indonesia and Thailand by September 2026, and apply globally by 2027.

Frey said the developer verification isn't a move to restrict sideloading of apps.

"To be clear, developers will have the same freedom to distribute their apps directly to users through sideloading or to use any app store they prefer.

"We believe this is how an open system should work- by preserving choice while enhancing security for everyone," Frey said.

Users have been able to sideload apps on Android since its first release in 2008, by toggling the developer "Unknown sources" setting.

In comparison, Apple has always strictly restricted third-party software to its official App Store which has vetting of code and developer guidelines.

The exceptions to Apple's rules have been the Enterprise Developer Program, which allows organisations to bypass the App Store, and programmers being able to install software on their own devices and distribute to testers through special provisioning profiles, or the Testflight system.

Starting with iOS 17.4, the European Union's Digital Markets Act forced Apple to allow alternative app stores on iOS devices within the economic bloc's markets, in an effort to open up the United States tech company's "walled garden" to outside developers.

Microsoft operates the broader, reputation-based Windows Smartscreen flitering system to protect users of its products, including applications.