All apps installed on certified Android devices will require registration by a verified developer beginning in 2026, including apps installed via Play Store alternatives and sideloading. The verification will collect official name, address, email, and phone number, with a tailored account type for students and hobby developers. Google frames the requirement as a developer identity check, not a content review, to reduce anonymity exploited by malicious actors. Sideloaded apps are identified as a major risk, with Google reporting over fifty times more malware from internet-installed apps than from Google Play. Play Store verification remains unchanged.
Google has seen a clear increase in attacks targeting personal and financial data. Sideloading in particular appears to be a major risk: according to Google, more than 50 times more malware enters the system via apps installed from the internet than via Google Play. Malicious actors often exploit anonymity, for example, by posing as well-known developers and distributing fake apps. By requiring mandatory developer verification, Google wants to break this anonymity and raise the bar for repeated abuse.
From 2026, all apps installed on certified Android devices must be registered by a verified developer. This also applies to apps distributed outside the Play Store. Google compares the measure to passport control at an airport. The developer is checked, but not the content or origin of the app itself. Developers will have to provide their official name, address, email address, and phone number. This may encourage independent developers to register as companies to protect their privacy.
Collection
[
|
...
]