Google Relaxes Android Sideloading Restrictions
▼ Summary
– Google is creating a new “advanced flow” to let experienced users install apps from unverified developers by accepting the risks.
– Previously, the only method for such installations was using ADB, which was tedious for users.
– The new flow will include clear warnings and is designed to resist coercion from scammers to protect users.
– Google is inviting developers distributing apps outside the Play Store to join an early access program for identity verification ahead of next year’s enforcement.
– Verification requirements aim to increase security by making it harder for malicious actors to create apps, while hobbyist developers can use a limited account with fewer requirements.
Google is introducing a new “advanced flow” to give experienced Android users more control over app installations from unverified developers. This move comes as a direct response to earlier criticism over planned restrictions that would have severely limited sideloading capabilities. The company aims to strike a balance between user safety and freedom, allowing knowledgeable individuals to accept the risks associated with installing software from sources outside the official Play Store.
Previously, the only sanctioned method for such installations involved using the Android Debug Bridge (ADB), a functional but cumbersome process requiring technical know-how. While tools like Shizuku offered potential workarounds for PC-free installations, their long-term viability remained uncertain. Google’s new system promises a more integrated solution, designed specifically to resist manipulation by scammers. It will feature clear, repeated warnings to ensure users fully comprehend the potential dangers before proceeding.
In parallel, Google has begun inviting developers who distribute apps exclusively outside the Play Store to join an early access program for identity verification. These developers can enroll through the Android Developer Console ahead of next year’s enforcement of the new rules. Invitations started rolling out on November 3, while developers using the Play Store will receive their invites beginning November 25, 2025.
Google justifies these verification requirements by pointing to escalating security threats, particularly sophisticated social engineering attacks. The company highlighted a troubling pattern in Southeast Asia where fraudsters contact victims, falsely claim their bank accounts are compromised, and then direct them to install a malicious “verification” app. Once installed, these apps request notification access, enabling them to intercept two-factor authentication codes and steal sensitive financial information. By mandating developer verification, Google hopes to disrupt this cycle, making it harder for malicious actors to repeatedly create new apps after previous ones are removed.
However, these requirements could pose challenges for hobbyists and student developers. To address this, Google plans to offer a special account type with reduced verification steps and no $25 registration fee. These accounts will be restricted to distributing apps on a limited number of devices and cannot be used for public app store publishing. Google continues to refine this account model based on ongoing community feedback, with final details to be confirmed before the new policies take effect.
(Source: Android Authority)
