Google will quickly require all Android app builders to confirm their identities, even when they don’t record their apps on its Play Retailer. At the moment, those that create “sideloaded” apps, that are downloaded exterior the official app market, are exempt from Google’s verification necessities.
Nevertheless, as of Sept. 2026, this exemption will change.
“Android would require all apps to be registered by verified builders with the intention to be put in on licensed Android gadgets,” Google wrote in an announcement. “This creates essential accountability, making it a lot tougher for malicious actors to shortly distribute one other dangerous app after we take the primary one down.”
Installations of any app that’s not connected to both an identity-verified Play Console account or a brand new “Android Developer Console” account might be blocked. Google has confused that the method of sideloading and distribution via different app shops will stay allowed, “preserving alternative whereas enhancing safety for everybody.”
Why builders, good and unhealthy, go for sideloading
There’s a neighborhood of builders who create sideloaded apps for comfort. To record on the Play Retailer, a developer will need to have a Play Console account, which requires identification verification, a membership charge, and settlement to a number of insurance policies.
This locations a burden on those that could want to stay nameless or just need to gauge curiosity in a prototype app. They might select to distribute their apps via boards, Telegram, Discord, GitHub, or direct obtain websites as a substitute of the Play Retailer.
Nevertheless, unhealthy actors additionally profit from the anonymity of sideloading and have been identified to distribute malware via the identical unofficial app channels as harmless hobbyists.
“Latest evaluation discovered over 50 occasions extra malware from internet-sideloaded sources than on apps obtainable via Google Play,” Google stated.
Google Play Defend, the safety software program constructed into all Android gadgets, already scans apps for malware, no matter whether or not they got here from the Play Retailer or elsewhere. Nevertheless, Google can also be attempting so as to add an additional layer of safety by stopping malicious app builders from hiding behind anonymity.
In apply, which means that any Android app developer and not using a verified Play Console account should purchase a brand new Android Developer Console account. Google says it’s going to solely be checking the developer’s identification, not the content material of their app or its origin.
Apple has an identical apply in place for sideloaded apps on macOS. Installations of apps not related to a verified Developer ID might be blocked by the Gatekeeper safety characteristic or set off a warning that daunts customers from opening them.
Google requires particular developer information to create an Android Developer Console account
To create an account, builders should submit their identification data, together with their authorized title, handle, e-mail handle, telephone quantity, organisation title, and D-U-N-S quantity (if relevant).
As soon as logged into the Android Developer Console, they have to then submit a government-issued identification doc, reminiscent of a driver’s license or passport, and confirm their telephone quantity with a one-time password. In addition they must submit an official organisation doc and confirm their web site.
As soon as this verification is full, the account holder can start registering their app’s bundle names and signing keys. Solely then will customers truly be capable to set up the app on an authorized Android gadget — these that include the Play Retailer, Play Companies, and different Google Cellular Companies apps preinstalled.
Organisations might want to pay a $25 charge to open an Android Developer Console account, whereas people, reminiscent of hobbyists and college students, won’t. Registering apps that aren’t meant for distribution on the Play Retailer may even be doable via the Play Console.
Nevertheless, not like with the Play Console, the non-public data submitted via the Android Developer Console for verification functions won’t be seen to app customers, in keeping with Android Authority.
Implementation timeline
Right here’s how the rollout is scheduled to unfold:
- October 2025: Restricted early entry to the Android Developer Console opens. Those that join get entry to an unique dialogue discussion board, precedence assist, and the chance to supply suggestions.
- March 2026: Verification opens for all builders.
- September 2026: Necessities take impact in Brazil, Indonesia, Singapore, and Thailand. These are locations “particularly impacted by these types of fraudulent app scams, typically from repeat perpetrators.”
- 2027 and past: The necessities will progressively be rolled out globally.
Google is beginning to enable European app builders to direct their customers to cost choices exterior of the Play Retailer for in-app purchases.
