Google has responded to mounting criticism from developers and open-source advocates regarding its upcoming developer verification policy, which will take effect in 2026. The company insists that the changes are intended to strengthen security without removing Android’s long-standing support for sideloading.
The clarification comes after open-source app repository F-Droid warned that the new rules could “end independent app stores,” a claim that sparked widespread debate in the developer community.
In a blog post, Matthew Forsythe, Director of Product Management for Android App Safety, stressed that sideloading remains a core feature of Android. “Sideloading is fundamental to Android and it is not going away,” he wrote. “Our new developer identity requirements are designed to protect users and developers from bad actors, not to limit choice.”
Google argues that verification will ensure apps are traceable to legitimate developers regardless of how they are distributed — via the Play Store, third-party app stores, or direct sideloading.
To address concerns from hobbyists, educators, and students, Google will introduce a free developer account that allows app distribution to a limited number of devices without requiring government ID. However, developers seeking broader reach will need to undergo full identity verification, a process that involves submitting personal documents and agreeing to Google’s terms.
While this option offers an alternative, it also introduces additional steps. Users will need to be whitelisted through the Play Console before downloading apps, making the process less straightforward than traditional APK sharing.
Google emphasized that the changes will not impact app development and testing. Developers can continue to use Android Studio and adb to build, debug, and run apps locally without verification. The requirement only applies when distributing apps to users outside controlled testing environments.
Despite Google’s reassurances, questions remain about the centralization of app distribution and the potential barriers for smaller developers. F-Droid and other critics argue that the rules could concentrate control in Google’s hands, while Google maintains that the policy is a necessary safeguard against malicious software.
The company says the extended lead time — more than a year before the policy takes effect — is intended to allow developers to adapt, share feedback, and shape the final framework.
Comments
Loading…