- Developer identity verification extends to apps outside of Google Play, including sideloading.
- Affects Android devices certified with Play Protect; does not remove installations from alternative sources.
- Requirements: Developer's legal information, and for DUNS organizations and verified websites, proof of ownership of the apps must be provided.
- Schedule: Early Access in October 2025, Opening in March 2026, Mandatory Requirement in September 2026 for Brazil, Indonesia, Singapore, and Thailand, and Global Rollout in 2027.
Google will apply a mandatory identity check for Android developers that distribute applications outside the Play Store, with the aim of strengthening the security of the ecosystem without sacrificing its open nature. The measure will make it necessary to install apps on devices Android certificates, the author is verified.
This change reaches to all distribution channels: third-party stores and direct APK downloads, in addition to the Play Store itself where verification has already existed since 2023. It does not constitute a ban on sideloading, but if adds a layer of accountability about who publishes each application.
What changes now, who does it affect?
From the deployment, any app that you want to install on a certified Android must come from a verified developer account, regardless of whether it comes from Google Play or through external channels. sideloading will remain available, but the installation will remain subject to verification.
Google emphasizes that this is not a software audit: it is an author identity checkThe company compares the process to showing your ID at a checkpoint: it lets them know who you are, but does not inspect the content of the app or its code.
According to the company's internal analysis, Apps downloaded outside of Google Play are dozens of times more likely to contain malware. than those in the official store. With verification, It is intended to make it difficult to abuse anonymity and accelerate the response to malicious actors.
The impact will vary depending on the profile. Large studios will barely notice any changes, while independent developers and students will face an additional process. For them, Google prepares a specific account modality designed for those who create as a hobby or experiment.
There are also privacy concerns: Creators will have to provide personal data to Google. The company claims that the information will not be public and will be protected, although part of the community is asking for additional guarantees.
Requirements and verification process
Anyone who publishes as a natural person must provide Full legal name, address, email, and phone number, with documentary verification where appropriate (for example, official identification issued by a government).
If an organization is registered, it will be requested a business identifier (such as DUNS), the corporate website verification and, if necessary, additional documentation to validate the entity.
In addition, the creators will have to demonstrate ownership of your applications: The package name and the signature keys corresponding to link the app with the verified account.
Google will enable a Android Developer Console for those who distribute outside of Play, while Those who publish in the store will continue to use Play ConsoleBoth routes will support the verification process, and a account adapted to hobbyists and students with less friction.
The requirement will operate on devices certified with Play ProtectIn these cases, the system will check that the developer is verified before allowing installation, even when the source is an alternative store or a direct APK.
Schedule and rollout by country
Google will begin a period of Early access in October 2025, with gradual invitations to use verification in the Android Developer Console and Play Console. This first phase will serve to fine-tune the process with community comments.
Verification is will open to everyone in March 2026Starting from September 2026, The requirement will become mandatory in Brazil, Indonesia, Singapore and Thailand., blocking the installation of apps whose authors are not identified.
From 2027, Google will gradually extend the requirement to other markets.In parallel, the company assures that it will reinforce the response tools to remove fraudulent software more quickly and penalize repeat offenders.
The plan has received support from public bodies and the financial sector in regions particularly affected by mobile scams, while Part of the development community is calling for a balance between security and openness so as not to hinder innovation..
With this move, Android is betting on greater traceability of origin of each app without closing the door to alternative sources: whoever distributes software must identify themselves, the code will not be audited in this way, and users will gain more guarantees against the abuse of anonymity which facilitated the proliferation of malicious apps.
I am a technology enthusiast who has turned his "geek" interests into a profession. I have spent more than 10 years of my life using cutting-edge technology and tinkering with all kinds of programs out of pure curiosity. Now I have specialized in computer technology and video games. This is because for more than 5 years I have been writing for various websites on technology and video games, creating articles that seek to give you the information you need in a language that is understandable to everyone.
If you have any questions, my knowledge ranges from everything related to the Windows operating system as well as Android for mobile phones. And my commitment is to you, I am always willing to spend a few minutes and help you resolve any questions you may have in this internet world.