Google will require developer ID checks and limit Android sideloading
Mar 9th 2026
Google will roll out mandatory developer verification that could block unverified sideloaded apps, a move Google says will improve security while critics say it risks privacy, open source projects, and Android's openness.
- Google will require developers outside the Play Store to register with real names, pay a fee, and unverified apps may be blocked on most Android devices.
- Enforcement begins in September in Brazil, Singapore, Indonesia, and Thailand, with wider rollout planned through 2027.
- Google frames the move as a security step and says Play Protect scans about 350 billion Android apps per day as of early 2026.
- Security experts say verification could reduce traditional malware distribution but will not stop social engineering scams.
- Critics warn the policy centralizes power at Google, creates a global developer database vulnerable to legal demands, and could exclude developers in sanctioned countries.
- Open source projects and offline distribution models like F-Droid and Guardian Project risk disruption because verification may require online checks and Google ties.
- Google promised an "advanced flow" for power users to bypass verification, but details and timing are unclear and it may not be available before enforcement.
- Workarounds include progressive web apps or running alternative Android builds, but these options are limited or impractical for most users and developers.