[…]
In the new blog post, Google’s Matthew Forsythe confirms that the developer verification system is slated to come online on September 30 of this year. The initial deployment will be limited to countries with a high level of app scams: Brazil, Indonesia, Singapore, and Thailand.
[…]
Google released its new developer console back in March, inviting external developers the opportunity to pay $25 and verify their identities early. Developers who don’t register will find that their apps cannot be sideloaded on Google-certified Android devices once verification has rolled out. Google says that almost every app in the Play Store is now ready for the change, and a “large majority” of apps outside Google Play have completed verification.
[…]
Google says it will verify the apps in the following stores when it begins enforcing the new restrictions.
Google (Google Play)
Honor (HONOR App Market)
OPlus (OPPO App Market)
Samsung (Galaxy Store)
Transsion (Palm Store)
vivo (V-Appstore)
Xiaomi (GetApps)
[…]
The next step toward verifying apps will come this month as Google deploys a new system service on most certified devices. The package (com.google.android.verifier) will appear on phones and tablets running Android 8 or higher, allowing Google to block the installation of unverified apps. It will remain dormant until verification is activated in your specific region.
In July, Google plans to roll out the new developer APIs and begin testing for “limited distribution” accounts. This is Google’s solution for hobbyists who want to make their own apps and share them with a small group. Limited accounts won’t require a fee or government ID verification, but you can install these apps on up to 20 devices.
In August, the advanced flow will become available globally ahead of verification becoming mandatory in the first markets. As detailed a few months ago, the advanced flow will allow users to bypass verification, but the process isn’t easy. You’ll have to navigate to a buried menu, confirm you understand the risks multiple times, and wait a whole day before completing the process.
And that brings us to September, when Android devices in Brazil, Indonesia, Singapore, and Thailand will begin checking verification status before installing apps. However, things get murky after that. Google will undoubtedly monitor how verification works as millions of users are suddenly limited to verified apps, which could affect how it moves forward. Google says it intends to expand developer verification in 2027, eventually making it a global device policy.
I’m not happy about this but they really have no choice.
The android app marketplace is infested with spyware and Android devices were recently found to be the vector for one of if not the worlds biggest botnet (super/bad box).
If you wanna be able to keep using your os to make ad money you gotta lock it down and since Android is largely open source and used by tons of oems that means locking down some part that you could conceivably do without but no one really will.
None of this even attempts to address the problem of Google Play (the primary android app marketplace) being filled with malware. Every single app that’s being distributed through Google Play today already has a “verified” developer by the same criteria they’re applying system-wide. That malware can continue working as it already does without any changes.
This is exclusively about Google imposing control on all apps distributed through channels that otherwise used to be outside Google’s control.
Google’s claimed reasoning is that this control is a good thing and makes them be able to block apps made by malware developers in the same way they already do in Google Play, even for users who install apps from other sources. Critics disagree because Google forcibly taking personal information and money from all software developers and wielding the ability to remotely kill any app they don’t like for any reason have far wider consequences than protecting users from malware, and the proliferation of malware on Google Play shows how (in)effective Google’s measures against it are. Neither side believes or claims this can or will make Google Play any safer.
They should police their own store then. Fuck this “oh they have to” shit.