Google has set September 30, 2026, as the start date for enforcing Android developer verification in Brazil, Indonesia, Singapore, and Thailand, marking the first phase of a broader global rollout. From that point on, certified Android devices—those shipped with Google Mobile Services and Play Protect—will block installation of apps from developers who have not registered their identity with Google, even when those apps are distributed through third-party app stores such as those run by Samsung, Xiaomi, OPPO, vivo, Honor, and Transsion.
The enforcement happens directly on-device via a new system service called Android Developer Verifier, which checks whether an app is tied to a registered and verified developer before installation proceeds. Apps from verified developers will continue to install normally, but unverified apps will be blocked from standard installation flows in the four launch countries. While sideloading is still technically possible through Android Debug Bridge (ADB) or a more restrictive “advanced flow,” these paths introduce significant friction, including developer mode activation, waiting periods, and re-authentication steps.
To comply, developers must register with Google by providing legal identity information, contact details, and in some cases government-issued identification, while also proving ownership of their apps through cryptographically signed APK submissions. Google is also introducing APIs and console tools to streamline bulk registration and allow third-party app stores to integrate parts of the verification process. A separate “lightweight” developer account option, launching globally in August, will allow hobbyists and students to distribute apps to up to 20 devices without ID verification or fees, while standard accounts require a one-time $25 payment.
The policy is positioned by Google as a security measure aimed at reducing malware and social engineering scams, which often rely on convincing users to install malicious APKs outside official channels. However, the move has sparked strong opposition from parts of the open-source community, including F-Droid, which argues that mandatory identity verification is incompatible with its model of pseudonymous, community-driven software distribution. Advocacy groups have also raised concerns that the system concentrates installation control in Google’s hands across most Android devices outside China, even as rollout phases continue toward a full global enforcement plan expected in 2027.
