.jpg?w=1920&resize=1920,1075&ssl=1 "Google to confirm all Android devs to dam malware on Google Play")
.jpg "Google to confirm all Android devs to dam malware on Google Play")
Google is introducing a brand new protection for Android known as ‘Developer Verification’ to block malware installations from sideloaded apps sourced from exterior the official Google Play app retailer.
For apps on Google Play, there was already a requirement for publishers to supply a D-U-N-S (Knowledge Common Numbering System) quantity, launched on August 31, 2023.
Google says this has had a notable impact in lowering malware on the platform. Nonetheless, the system didn’t apply to the huge developer ecosystem exterior the app retailer.
“We’ve seen how malicious actors cover behind anonymity to hurt customers by impersonating builders and utilizing their model picture to create convincing pretend apps,” reads Google’s announcement.
“The dimensions of this risk is critical: our current evaluation discovered over 50 occasions extra malware from internet-sideloaded sources than on apps out there by way of Google Play.”
Though the risk is extra prevalent exterior Google Play, the developer verification requirement applies to each apps on Google Play and apps hosted on third-party app shops.
Beginning in 2026, all apps put in on licensed Android gadgets should come from builders who’ve verified their identification with Google.
Early entry to the Developer Verification program will start this 12 months in October, and the system will open to all Android utility builders in March 2026.
In September 2026, the identification verification requirement will change into necessary for Brazil, Indonesia, Singapore, and Thailand, earlier than it rolls out globally in 2027.
The anticipated impact is to have sideloading, non-compliant apps blocked by the working system with a safety message on licensed gadgets.
Licensed Android gadgets are those who have handed Google’s Compatibility Check Suite (CTS) and are permitted to ship with Google Play Companies, Play Retailer, and Play Shield.
In observe, this encompasses all mainstream gadgets from Samsung, Xiaomi, Motorola, OnePlus, Oppo, Vivo, and the Google Pixel line.
Non-certified gadgets are these from Huawei, Amazon Hearth tablets, and shady Chinese language TV bins or smartphones that use closely modified OS photos and questionable parts.
These gadgets should not topic to the brand new rule enforcement, and their customers will have the ability to proceed sideloading APKs from unverified and nameless builders.
46% of environments had passwords cracked, almost doubling from 25% final 12 months.
Get the Picus Blue Report 2025 now for a complete take a look at extra findings on prevention, detection, and knowledge exfiltration tendencies.
.jpg?w=1200&resize=1200,0&ssl=1&description=Google+to+confirm+all+Android+devs+to+dam+malware+on+Google+Play){kind=link}