Google is preparing one of the most significant shifts in Android’s app ecosystem. Beginning September 2026, the company will require all apps running on certified Android devices to be registered by verified developers, effectively ending the practice of sideloading apps from unknown or unverified sources. The move, Google says, is aimed at reducing malware risks and strengthening accountability within the Android ecosystem.
According to the company, the new rule is designed to “elevate Android’s security to keep it open and safe.” By enforcing developer identity verification, Google believes it can add a vital layer of transparency that makes it more difficult for malicious actors to distribute harmful software under fake identities. While this policy won’t completely eliminate malware, it will significantly raise the barrier for bad actors who rely on anonymity to spread scams, fraud, and harmful apps.
Importantly, Google clarified that the verification requirement will not extend to reviewing or censoring app content. As reported by Android Authority, the process is intended strictly to confirm developer identities, functioning more like an ID check than a content filter.
The verification framework involves two steps:
Identity verification – Developers must provide legal details including name, address, phone number, and email. Organisations will also need to supply their D-U-N-S number, official website, and supporting government documentation.
App registration – Developers will need to prove ownership of their apps by submitting package names and signing keys.
For developers already publishing on the Play Store, most of these requirements are already fulfilled, meaning their apps will be automatically registered. However, those distributing apps independently will use a new Android Developer Console to complete the process. Google has also reassured smaller or hobbyist developers that the personal data collected will remain private and not be disclosed publicly.
Timeline for rollout:
October 2025: Early access opens for select developers.
March 2026: Verification becomes available worldwide.
September 2026: Policy goes live in Brazil, Indonesia, Singapore, and Thailand. Only apps from verified developers will run on certified devices in these regions.
2027 onwards: Expansion continues across additional markets globally.
With this shift, Google is signaling a more secure but still open Android ecosystem—one where developer accountability becomes central to user protection.
