Google to Require Developer Verification for Sideloaded Android Apps

Google announced a new developer identity verification requirement for apps installed on certified Android devices, including those sideloaded from the internet. The company says this move aims to reduce malware and scams after finding “over 50 times more malware from internet-sideloaded sources than on apps available through Google Play.”

What changes

• Developers distributing apps outside Google Play will need to register and verify their identity using a new Android Developer Console Google is building for this purpose.
• Verification is described by Google as an “ID check at the airport”: it confirms who the developer is but does not review or block app content.
• Verified developers will be able to register package names and complete the verification flow in the new console.

Why Google is doing this

Google’s analysis found a far higher rate of malware from internet-sideloaded sources versus apps on Google Play. By tying app installations on certified devices to a verified developer identity, Google hopes to make it harder for bad actors to repeatedly distribute malware and scams.

Timeline

The verification requirement will start rolling out in late 2026 in Brazil, Indonesia, Singapore, and Thailand. A global rollout will follow at a later date.

Impact on distribution

Google says the process will not prevent developers from distributing apps wherever they choose (including other app stores or direct downloads). It only requires that apps installed on certified devices be registered to a verified developer.

Sources

• Official Android Developers blog — Elevating Android security (developer announcement)
• Android Authority — coverage of the new developer verification requirement

Note: original reporting appeared on multiple outlets; this post links to official Google documentation and major coverage for more details.