Google's New Developer Verification Will Block Unregistered Apps from Installing on Android
Android's sideloading freedom has been the platform's defining difference from iOS and the last major refuge for open, unmonitored software distribution on consumer devices. Google's verification mandate, enforced through a closed-source service it can tighten at will, sets a precedent that hardware vendors worldwide can follow to retroactively lock down devices already in users' hands.
Google's Android Developer Verification policy, effective September 30, 2026, requires every app distributor to register with a government ID, pay a fee, and prove key ownership. Apps from unverified developers will not install on devices, and the rule applies to all distribution channels, not just Google Play. The first wave targets Brazil, Indonesia, Singapore, and Thailand, with seven cooperating app stores including Samsung, Xiaomi, and OPPO. By 2027, Google plans to extend the requirement to all GMS-certified Android devices.
The sideloading escape hatch for "advanced users" demands nine manual steps: enabling developer options, dismissing duress warnings, entering a PIN, rebooting, and waiting a mandatory 24-hour cooling-off period before temporarily or permanently allowing the install. This flow is controlled by Google Play Services, a closed-source component Google can update or revoke without user consent. The design fits the definition of a dark pattern, making sideloading technically possible but practically unreachable for most people.
Small-scale and non-commercial distribution takes the hardest hit. Personal tools shared among friends, apps written for family members, internal CI test builds, and the entire F-Droid ecosystem of free open-source apps all face an existential threat. F-Droid called the policy an existential threat, and 71 organizations across 23 countries, including the EFF, FSF, Tor Project, and GrapheneOS, signed an open letter opposing it. Cory Doctorow labeled the strategy "Darth Android," describing it as a systematic, premeditated shutdown of Android's openness. The irony is sharp: the EU's Digital Markets Act forced Apple to open iOS to sideloading, while Google voluntarily locks Android down from the inside.
Google's sideloading workaround is a dark pattern: it exists on paper to claim openness but is deliberately too cumbersome for ordinary users to complete, making the restriction effectively absolute.
By routing the restriction through Google Play Services rather than AOSP, Google can tighten or expand the policy on devices already sold, without any system update or user consent.
The policy reverses the historical trajectory of mobile platforms: Apple was compelled by regulation to open up, while Google is choosing to close down without equivalent legal pressure.
The requirement to submit government ID for app distribution shifts the gatekeeping function from a technical security measure to an identity-based control, which the EFF classifies as censorship infrastructure.
Internal CI pipelines and enterprise app distribution will face a logistical burden: every test device must individually complete the 9-step, 24-hour cooldown before installing a build.
The community's call for developers to refuse registration is a direct attempt to deny Google the compliance needed to operationalize the policy, treating developer cooperation as the policy's single point of failure.