Google details new 24-hour process to sideload Android apps from unverified developers
Google has announced a major update to its Android sideloading policy following widespread user criticism of mandatory developer verification for apps distributed outside the Play Store. This move comes after months of feedback, particularly from power users seeking more flexibility in app installation.
In response, Google is introducing an advanced sideloading flow aimed at experienced users who choose to install apps from unverified developers. The company describes this as a one-time opt-in process, but it incorporates several security-focused steps. To begin, users must enable developer mode in system settings and confirm they are not being coached through the process. This is intended to detect and disrupt any live scam attempts. Users must then restart their device, reauthenticate to disable any potential remote access, wait through a one-day delay, and finally complete biometric or PIN verification before proceeding with the app installation.
While these measures are designed to balance flexibility with protection, Google is also supporting the educational and hobbyist community. The company plans to offer free, limited distribution developer accounts. These accounts enable students and hobbyists to share apps with up to 20 devices without providing a government-issued ID or paying a registration fee.
Related news
External links
- Android developer verification: Balancing openness and choice with safetyGoogle • Official source
- Android isn't killing sideloading, but the compromise is perfect9to5Google
- Google introduces a new way for users to sideload Android apps that still protects against scamsTechCrunch
- Google details new 24-hour process to sideload unverified Android appsArs Technica
- Google Reveals New Android Sideloading System: One-Day Wait, Then Full AccessAndroid Headlines
- Here's how Google plans to 'balance' a safer Android with side-loading this yearAndroid Central
Comments
So when will these "high friction" tactics be implemented into official Google services? I would love to have my parents phone have an on-by-default 24hr wait period before you can enable automatic backup within Google Photos. Or every time they launch Gmail have a scary red banner at the top indicating that a multi-billion dollar company has read access to all their mail. And maybe one day the permanent notification that requires developer options enabled (and a reboot naturally) to disable, warning you that your precise location, microphone and call history is being monitored by same multi-billion dollar company.
Is it just me, or is the water in this pot getting hot?? android users: 🐸
Oh boy! Many people struggle just to download a simple APK file.
And now they have to tap seven time some specific label, reboot, wait for the "protective waiting period" then check they're "understanding the risks", and then still struggling just to download a simple APK file.
Imagine enabling the option that allows you to download apps from "unverified developers", it's like enabling OEM unlocking. You may void your warranty and face similar consequences because you've enabled a "dangerous" feature. Just my imagination, but it feels like a bad precedent.
Well, this is better than the original plan, I suppose. But the fact that Google has this kind of power suggests that we need a viable alternative to the Apple/Google duopoly in phones. Pinephone was promising but low adoption.
My thoughts exactly. Hoping this serves as a "warning flare" so we can break this dependency!