Google is introducing mandatory developer verification for Android apps to combat malware, requiring developers to register their software before user-facing security changes begin rolling out later this year.

Key points

• Google reports that sideloaded apps contain over 90 times more malware than those distributed through the official Google Play Store.
• Developers must now register their apps via the Android Developer Console or Play Console to verify their identity.
• User-facing security protections will launch in Brazil, Indonesia, Singapore, and Thailand this September before a global expansion in 2027.
• The new Android Developer Verifier system will launch in April to check if installed apps are linked to a verified developer.
• Power users can still install unregistered apps using advanced flows or ADB, maintaining platform flexibility for experienced individuals.

This initiative represents a significant shift in Google’s strategy to balance Android’s open-source nature with increased protection against malicious software. By mandating developer accountability, the company aims to reduce security risks for average users while preserving advanced installation options for technical power users.