The Android verification is such a broken experience. Recently I decided to purchase a dev account for my company, so far:
1) Provided my company DUNS number etc. once to create the payment profile. I did this some times ago, don’t remember the details but it was an involved verification process and it is marked as verified business payment profile.
2) Later on the payment step verified myself with a passport and bank statement to be able to actually pay with a proper HSBC bank card. Not shady pre-paid card or something, those are not accepted anyway.
3) After I paid I was told that now I need to verify my identity once more but this time with the passport and the incorporation certificate or some other company document.
fingers crossed that in few days it will be verified. While waiting, it tells me that there are still website and email verification to do once the previous step is done. I already verified my e-mail a few times before paying.
It’s painful, slow and annoying because if you fail at a step(i.e. needs verification that takes days and you are told about it at the payment step) you have to start again with the forms.
I just remembered why I never use Android. It seems like no one owns the process and as a result you get unpolished shitty experience that fulfills the requirements of god knows how many people who work in the same company but don’t talk to each other.
I released an Android app to the Play Store ~10 years ago and the most important advice people were always sounding alarms about online in Android dev communities was to not publish under your real Google account you care about, because it's not unlikely a bot will ban your entire account because of some vague infraction that's near impossible to appeal.
Google seems to actively hate people who develop for their platforms. Which I don't believe is a good move with their current hand, where young people in wealthy countries (i.e. the future of people who will spend money on apps) are something like 90% iPhone users these days.
1) Re-submit an app after it was rejected and labelled a gambling app (it wasn't even close - a 15 second look by a real human would have seen that. This one was even appealed and the support was utterly useless. I ended up changing one word and re-submitting the app, approved no problem.
2) An existing app, in the Play store for years but a nice app - only about 500 installs. I had to submit a new version for no reason whatsoever... Except to keep the customers developer account active.
Those are just issues I've dealt with in the last month or two.
Every single time, Google Support is completely useless - including the appeals process, which is an absolute joke.
Not to mention if you made one app in college and then didn't keep up with the SDK updates, Google perma-closes the entire Play account such that the only way to publish a new app is by creating a brand new gmail account
Forcing people to keep up with SDK updates is a bad thing in itself. Let people target the earliest possible feature set and make the app run on as many phones as possible rather than showing scary messages to people due to targeting an older API.
I think the problem is that older SDK versions allowed you to do things like scan local WiFi names to get location data, without requiring the location permission.
So bad actors would just target lower SDK versions and ignore the privacy improvements
The newer Android version could simply give empty data (for example, location is 0,0 latitude longitude, there are no visible WiFi networks), when the permission is missing and an app on the old SDK version requests it.
Of course, they don't like this because then apps can't easily refuse to work if not allowed to spy.
Phone companies are required to make sure 911 works on their phones. Random people on the internet aren't required to make sure 911 works on random apps, even if they look like phones.
That sounds a lot like my experience as an Apple Developer too, with the added bonus (unclear from your description if you experienced this too) that they took my money before the verification process was finished and wouldn't refund it once their AI couldn't connect my face to my ID and wouldn't let me connect with a real person (the first dozen times were on them, but after that it was maybe my fault for including a middle finger in the photographs).
If this is a business account why do they want your passport? And why are you paying with a personal bank card rather than a business one? Or do I misunderstand?
What you're describing is not "broken", it's the process and it appears it hasn't even failed for you.
My experience with getting a verified "business" developer account from Google mirrors the experience as getting one from Apple, except it's a one-time fee and much less than Apple.
Yes there are hoops to jump through, identification usually requires some hoops, but pretty it's straightforward. I am not commenting on the requirements of these hoops, yes, it's BS that they exist but it's their platform so it's their rules.
What type of "experience" are you expecting to have anyway?
> However, our recent analysis found over 90 times more malware from sideloaded sources than on Google Play
Google has seemingly never seen an elderly person's phone, where it is completely infected with crap including literal popup ads (that somehow overlay other apps), yet all of it was downloaded from GPlay.
What % of Android users actually want this? Do they know or care?
I've been using Android since 2010 because it was open in ways that the Apple ecosystem wasn't. I do not want this and imagine hardly any other power users (for lack of a better term) do. I'm already using a mostly deGoogled device but this really seals the deal. I have been longing for a true Linux phone for years and now seems like a good time to get serious about the search and migration plan.
> What % of Android users actually want this? Do they know or care?
If Apple announced that they were going to allow installing apps like how you can install APKs you will have a whole group of people on here arguing against it because they want Apple to have control over everything. You could have seen those people in action on the Epic v. Apple and Digital Markets Act discussions.
Significantly larger than the number of users wanting to sideload.
There are millions of people affected by targeted scams every year, significantly outnumbering the non-developer sideload community. Especially when you take into account that the sideload community doesn't all use Google Android and isn't affected by this.
Google/Android don't want AI bots spamming marketplaces with dodgy apps.
Tie in the app to a verified identity/individual and it makes the audit process easier as well as engagement with authorities from the user's country if required (e.g. app facilitating child abuse).
I suspect that this is less driven by users and more driven by institutions. Banking trojans distributed via sideloading are a big problem. Banks are unhappy that their users are getting their shit stolen because some other app is squatting on 2fa codes or whatever. They'd rather that their apps are not installed alongside apps that are more likely to be malware given that there isn't a private channel for auth codes for the vast majority of users.
This change on its own doesn't make Google Android builds less open. It does the opposite. Now people can download apps directly from the websites of the publishers without getting a scary warning on Google Android builds. That's all this does.
Separately, they're going to increase friction the first time you allow installing apps outside of the Play Store or via this mechanism and also decrease friction on subsequent times, also on Google Android builds.
Android is becoming more Apple-ized everyday; it's horrible and more and more APIs get neutered or disappear, further limiting functionality available to developers.
But but but it is for your security! You need to be protected!
Android isn't open source for a while. They started by pushing device certification which crippled any abilities of OEMs to make a better framework. Then they took many of the opensource packages out of android and redistributed as applications that they controlled via play services.
Then they made it harder to publish packages and created tons of rules that they can arbitrarily decide to cut ties with you or remove your remuneration.
What they are effectively doing now is to remove any ability of individual developers to push applications. Some will say the costs ain't that high, but (1) maybe not in USD dollars for Americans and (2) both Google and Apple will push those numbers way up high soon.
Even if that is not the case, if you don't agree with anything and you decide to have your own version of your family wiki, messenger or anything, they will be able to tell the authorities about it.
> Android is for everyone. It’s built on a commitment to an open and safe platform. Users should feel confident installing apps, no matter where they get them from.
This intro immediately tells me that whatever comes after will be horrible for users and developers. Surprise surprise, I was right. Software to "verify" side loaded apps is a bad, anti user idea.
> Starting in April, Android Developer Verifier will be installed on devices.
so they're rolling out a system app that will call home to check whether any sideloaded apps have been "verified" with the developer's government ID? and this process will happen regardless of whether the user has enabled the "advanced flow" in Developer settings?
If they're taking on verification, are they also taking on liability? Do we get to sue them if grandma gets scammed through an app they allow onto their phone?
Maybe it's just me but what happened to "don't send your government id to anyone". I am from the EU but this is what was indoctrinated to me. Just seems very strange to all off a sudden send all this information to any company you require a service from.
Also the person is not the company, why is Google making the developer identify oneself while many apps are released under a company? My understanding is that Google has been mishandling this for a while but with the verification linked to a government id that just seems like another can of worms.
A few scenarios to consider:
- The developer is fired/resigns and the company does not want to be associated with the developer, for example if the developer is convicted for something.
- The developer is fired/resigns and the developer does not want to be associated with the company, developer found out about certain practices of the company they don't condone.
- The developer and the company part in good faith, however one of them is being exploited/pressured by a third party to abuse the relationship to the app.
- The developer or the company is on legal hold due to legal issues, arrests, malpractice etc.
- The developer passes away or the company ceases to exist.
- How does this work if you are making an app as a developer for hire, when entering into a contract with a publisher for example. Who will verify and how will that work (especially on small scale apps).
That's seriously horrible. There are 5+ open source android apps that I use and want to continue using that are not available on Play Store, but rather through alternative stores (like Zapstore, Obtainium).
If I get a phone with preinstalled Graphene OS (like the upcoming Motorola phone), then does it avoid this stupidity? Or even with Graphene it prevents me from installing apks?
My experience was worse than just frustrating verification - it cost me money twice.
I submitted my government-issued ID and bank statements multiple times. Each time rejected, no specific explanation why. After several rounds I gave up, assuming my developer account would at least stay dormant until I felt like trying again.
It didn't. Google deleted the account entirely. No warning, no refund of the €25 registration fee or whatever it costed. When I eventually wanted to publish again, I had to create a new account and pay again. The second time around they accepted my driving license - the same type of document category they had rejected before.
So the real cost of a bad verification experience isn't just time. If you give up and walk away, you lose your fee and start from zero. That's the part that stung, at least for me.
I'd say Hackernews knows enough people at Google to raise a stink about this, but it's not going to do any good. Sometime at the last WEF or Bilderberg meeting it was decided that KYC level identity verification should be required to use a computer or the internet, with more stringent requirements to program one. This, and much worse, is going to happen whether we like it or not.
The latest shift to lock down Google's android pushed me recently to install /e/OS. On paper it makes those kind of projects a lot harder, but its prompted me to be a bit more considered about what software projects I want to use/support.
Really glad I have done that - I've been a 'boiled frog' of sorts on Android for a while now. Not happy with being continually more and more locked down, but not quite unhappy enough to shift. Feels like a breath of fresh air to have software that's built to serve me, rather than just to serve me ads.
I am part of the team running keepandroidopen.org and corralling the signatures for the open letter opposing this program. We've been trying to get Google to reverse course on this program ever since it was announced.
As it stands, Android Developer Verification (ADV) is a death sentence for F-Droid, Obtainium, and other competitors to the Google Play Store, both commercial and non-commercial. We are disappointed that they are still trying to steamroll this through in the face of overwhelming public opposition.
There are numerous reasons to object to the program, but a few of the top ones are:
1. You own your computer, and you should be the sole decision-maker for what software you can install on it.
2. "Malware" means whatever Google says it means, and their terms and conditions change daily; today malware is banking scams, tomorrow it is … ad-blocking? VPNs? Their decisions are un-reviewable and opaque, and they have obvious commercial incentives to block certain kinds of (otherwise-legal) software.
3. Centralizing global developer registrations through a US corporation makes it subject to the rules (and whims) of the current regime. Citizens of sanctioned countries or members of sanctioned entities (like the International Criminal Court) will be legally barred from registering, blocking them from creating and distributing software _anywhere_ in the world (not just the US).
4. Scenarios that Google claims ADV will protect against — such as high-pressure phone calls manipulating vulnerable users into installing scam apps — have _already_ been addressed by incremental improvements to Android security over the years, such as "Enhanced Fraud Protection" introduced in Android 13 (and expanded in Android 15). Android has incrementally improved its security features over its near 20 years of existence. There is no evidence that anything has suddenly changed to justify such a disproportionate and extreme lockdown.
5. Being required to pay Google for the privilege of uploading your government identification so that you might be permitted to contribute to the Android software ecosystem is such an abominable insult to the developers that helped build the platform. It deserves all the utter contempt that has been heaped upon it thus far, and begs regulatory scrutiny from those few countries that still have the courage to stand up to these bullies.
We emphatically recommend against developers signing up for this program or endorsing it in any way.
Is there any information about how the "advanced flow" will be implemented? According to keepandroidopen.org, this is going to be handled by Google Play Services. Does it mean it will be automatically installed via the silent, always-on GMS update mechanism and I should root my devices and remove GMS altogether if I don't want this?
If I do software for Windows, Linux or FreeBSD I don't need verification. And potential users aren't required to get software only from a certain app store.
This is a case of companies forcing things on us "for our own good" and them knowing better than us what is good for us or not.
Android is for everyone. It’s built on a commitment to a... safe platform.
These two statements contradict. When something is public, it is not entirely safe; and to make something safe, there is exclusion of practices, behaviors, and often people.
> So as an extra layer of security, we are rolling out Android developer verification to help prevent malicious actors from hiding behind anonymity to repeatedly spread harm.
1. Well, then, surely Google can't be in charge of this process, because they are a malicious actor, known to manipulate social media search results and engage in mass surveillance of its users. And that's in addition to analyzing their personal data to try to manipulate them into buying things; which is called "targeted advertizing", but I would also characterize as harm.
2. To be slightly less tongue-in-cheek: Imagine that a two would prevent entry of unverified people - you know, to prevent malicious anonymous actors from bringing harm. That would be ridiculous - nobody should be able to restrict public space. Well, the space of computation and communications via our handheld phones/computers is enough of a public space to merit the same principle. Which means that it is not acceptable for it to be under Google/Alphabet's control. Government regulation could mitigate this problem, but then, governments collude with large corporations and often approve of such restrictions.
I don't see a way out of this except government regulation. The EU has the most motivation to do it, as a huge economic bloc with a lot of motivation right now to become as independent from the US as possible.
I guess I can sort of manage to keep my head above water and keep buying secondhand phones which I unlock and install a supported version of LineageOS. But it's cumbersome, it gets more difficult and more restrictive every time. And I literally have a doctorate in computers for crying out loud! Is there any hope for Granny? For a kid? For >99% of people? Of course not.
This is so clearly a matter for government oversight: prevent abuse, monopolies, protect the citizen's safety, rights, welfare, etc. It's not reasonable to expect consumers to figure out if the meat they buy is tainted, just as it's not to figure out if their phone spies on them, manipulates information, or sells their data (especially when there's a duopoly). That's why we have laws and food inspectors, paid for by the public, working for the public. Same thing with digital rights.
tl;dr how to install an app from unverified developer ("advanced flow")
1. enable developer mode
2. confirm you aren't being coached
3. restart your phone and reauthenticate
4. come back after 24 hours and unlock device
5. install app from unverified developer, option of enabling for 7 days or indefinitely
This is apparently a one-time process. Advanced flow for users launches globally August 2026. Verification requirement kicks in September 2026.
Personally I am hopeful that people work toward a completely new, non-Android OS. 15 GB of space on my phone, and 1.5 GB of RAM, is dedicated to Android OS alone. This design, and the control this company (and the mobile providers, and device manufacturers) have over the mobile world, is ridiculous. Let's start over.
Older Androids which are fully rootable and unbrickable are cheap (maybe even monetarily free) and will let you continue to have freedom despite what Google wants.
"Those who give up freedom for security deserve neither."
> The scale of this threat is significant: our recent analysis found over 50 times more malware from internet-sideloaded sources than on apps available through Google Play
> It’s only when a user tries to install an unregistered app that they’ll require ADB or advanced flow, helping us keep the broader community safe while preserving the flexibility for our power users.
So, we have a sideloaded app now. Which has been increasingly tricky for our users to install. The warning they get is hard to understand. Does this mean essentially the end of sideloading?
At this point, I think I would prefer to carry a dumb flip phone for SMS and phone calls, and a smartphone-shaped generic touchscreen linux computer for everything else. It's becoming disturbingly impossible to find the former, and practically impossible (IME) to find the former.
Does anyone here have experience using Ubuntu Touch? That's the closest thing I've seen to "generic touchscreen linux" for mobile phone hardware. I'd love a device that works for multimedia, navigation, web browsing, and a handful of APKs like various chat apps (and really anything can can arbitrarily use the hardware), but it seems like tying a cellular modem to this ends up fucking up the whole dream because of carrier and manufacturer motivations/compensations.
Even once you've managed to verify, Google love throwing more challenges at you if you want to keep your apps in the store. "You need to declare your blood type or we will remove your apps in 30 days". I removed my apps myself as it was turning from a hobby to an unpaid job just to keep the apps in the store.
Good job google. You just convinced our entire business to abandon our app (utilities company) and only target web. We are done with this shit. All our resources the next two weeks will be to fill in the gaps in our web clientzone so our thousands of customers can still buy electricity and pay water bill and have a similar experience than the app (it's 90% the same anyway).
Oh and my three personal apps that I installed via adb (not released on playstore) - the moment they stop working on my phone or hassle me about verification, I will get in my car and go buy an iPhone.
Next will be to degoogle the rest of my life, which is luckily only gmail. Guess how long it will take me to port out? Less than two days.
I only let companies violate me once. Then I'm out.
Play store is the biggest piece of trash malware system that exists today, but us normal businesses have to pull teeth and spend days jumping through hoops to get an app out, but the playstore is filled with infinite garbage that rot childrens brains.
335 comments
1) Provided my company DUNS number etc. once to create the payment profile. I did this some times ago, don’t remember the details but it was an involved verification process and it is marked as verified business payment profile.
2) Later on the payment step verified myself with a passport and bank statement to be able to actually pay with a proper HSBC bank card. Not shady pre-paid card or something, those are not accepted anyway.
3) After I paid I was told that now I need to verify my identity once more but this time with the passport and the incorporation certificate or some other company document.
fingers crossed that in few days it will be verified. While waiting, it tells me that there are still website and email verification to do once the previous step is done. I already verified my e-mail a few times before paying.
It’s painful, slow and annoying because if you fail at a step(i.e. needs verification that takes days and you are told about it at the payment step) you have to start again with the forms.
I just remembered why I never use Android. It seems like no one owns the process and as a result you get unpolished shitty experience that fulfills the requirements of god knows how many people who work in the same company but don’t talk to each other.
Google seems to actively hate people who develop for their platforms. Which I don't believe is a good move with their current hand, where young people in wealthy countries (i.e. the future of people who will spend money on apps) are something like 90% iPhone users these days.
Recent things I've had to do:
1) Re-submit an app after it was rejected and labelled a gambling app (it wasn't even close - a 15 second look by a real human would have seen that. This one was even appealed and the support was utterly useless. I ended up changing one word and re-submitting the app, approved no problem.
2) An existing app, in the Play store for years but a nice app - only about 500 installs. I had to submit a new version for no reason whatsoever... Except to keep the customers developer account active.
Those are just issues I've dealt with in the last month or two.
Every single time, Google Support is completely useless - including the appeals process, which is an absolute joke.
So bad actors would just target lower SDK versions and ignore the privacy improvements
Of course, they don't like this because then apps can't easily refuse to work if not allowed to spy.
Consider - it's a voip dialing client which has a requirement to provide location for E911 support.
If the OS vendor starts providing invalid data, it's the OS vendor which ends up being liable for the person's death.
e.g. https://www.cnet.com/home/internet/texas-sues-vonage-over-91...
which is from 2005, but gives you an idea of the liability involved.
I guess Vonage should try to appeal the case and say pocksuppet said they're not required to do that.
And you can manually force only the voip dialing apps instead of everyone
Is there a way around this shitocracy?
My experience with getting a verified "business" developer account from Google mirrors the experience as getting one from Apple, except it's a one-time fee and much less than Apple.
Yes there are hoops to jump through, identification usually requires some hoops, but pretty it's straightforward. I am not commenting on the requirements of these hoops, yes, it's BS that they exist but it's their platform so it's their rules.
What type of "experience" are you expecting to have anyway?
> However, our recent analysis found over 90 times more malware from sideloaded sources than on Google Play
Google has seemingly never seen an elderly person's phone, where it is completely infected with crap including literal popup ads (that somehow overlay other apps), yet all of it was downloaded from GPlay.
I've been using Android since 2010 because it was open in ways that the Apple ecosystem wasn't. I do not want this and imagine hardly any other power users (for lack of a better term) do. I'm already using a mostly deGoogled device but this really seals the deal. I have been longing for a true Linux phone for years and now seems like a good time to get serious about the search and migration plan.
> What % of Android users actually want this? Do they know or care?
If Apple announced that they were going to allow installing apps like how you can install APKs you will have a whole group of people on here arguing against it because they want Apple to have control over everything. You could have seen those people in action on the Epic v. Apple and Digital Markets Act discussions.
There are millions of people affected by targeted scams every year, significantly outnumbering the non-developer sideload community. Especially when you take into account that the sideload community doesn't all use Google Android and isn't affected by this.
> What % of Android users actually want this? Do they know or care?
2%, according to the keepandroidopen.org poll[^1]
[^1] https://techhub.social/@keepandroidopen/116251892296272830
Tie in the app to a verified identity/individual and it makes the audit process easier as well as engagement with authorities from the user's country if required (e.g. app facilitating child abuse).
Separately, they're going to increase friction the first time you allow installing apps outside of the Play Store or via this mechanism and also decrease friction on subsequent times, also on Google Android builds.
Android isn't open source for a while. They started by pushing device certification which crippled any abilities of OEMs to make a better framework. Then they took many of the opensource packages out of android and redistributed as applications that they controlled via play services.
Then they made it harder to publish packages and created tons of rules that they can arbitrarily decide to cut ties with you or remove your remuneration.
What they are effectively doing now is to remove any ability of individual developers to push applications. Some will say the costs ain't that high, but (1) maybe not in USD dollars for Americans and (2) both Google and Apple will push those numbers way up high soon.
Even if that is not the case, if you don't agree with anything and you decide to have your own version of your family wiki, messenger or anything, they will be able to tell the authorities about it.
This is insane....
> Android is for everyone. It’s built on a commitment to an open and safe platform. Users should feel confident installing apps, no matter where they get them from.
This intro immediately tells me that whatever comes after will be horrible for users and developers. Surprise surprise, I was right. Software to "verify" side loaded apps is a bad, anti user idea.
> Starting in April, Android Developer Verifier will be installed on devices.
so they're rolling out a system app that will call home to check whether any sideloaded apps have been "verified" with the developer's government ID? and this process will happen regardless of whether the user has enabled the "advanced flow" in Developer settings?
Also the person is not the company, why is Google making the developer identify oneself while many apps are released under a company? My understanding is that Google has been mishandling this for a while but with the verification linked to a government id that just seems like another can of worms.
A few scenarios to consider:
- The developer is fired/resigns and the company does not want to be associated with the developer, for example if the developer is convicted for something.
- The developer is fired/resigns and the developer does not want to be associated with the company, developer found out about certain practices of the company they don't condone.
- The developer and the company part in good faith, however one of them is being exploited/pressured by a third party to abuse the relationship to the app.
- The developer or the company is on legal hold due to legal issues, arrests, malpractice etc.
- The developer passes away or the company ceases to exist.
- How does this work if you are making an app as a developer for hire, when entering into a contract with a publisher for example. Who will verify and how will that work (especially on small scale apps).
If I get a phone with preinstalled Graphene OS (like the upcoming Motorola phone), then does it avoid this stupidity? Or even with Graphene it prevents me from installing apks?
Has anyone seen the report for that analysis. I bet most people here would love to read it too.
I submitted my government-issued ID and bank statements multiple times. Each time rejected, no specific explanation why. After several rounds I gave up, assuming my developer account would at least stay dormant until I felt like trying again.
It didn't. Google deleted the account entirely. No warning, no refund of the €25 registration fee or whatever it costed. When I eventually wanted to publish again, I had to create a new account and pay again. The second time around they accepted my driving license - the same type of document category they had rejected before.
So the real cost of a bad verification experience isn't just time. If you give up and walk away, you lose your fee and start from zero. That's the part that stung, at least for me.
Really glad I have done that - I've been a 'boiled frog' of sorts on Android for a while now. Not happy with being continually more and more locked down, but not quite unhappy enough to shift. Feels like a breath of fresh air to have software that's built to serve me, rather than just to serve me ads.
As it stands, Android Developer Verification (ADV) is a death sentence for F-Droid, Obtainium, and other competitors to the Google Play Store, both commercial and non-commercial. We are disappointed that they are still trying to steamroll this through in the face of overwhelming public opposition.
There are numerous reasons to object to the program, but a few of the top ones are:
1. You own your computer, and you should be the sole decision-maker for what software you can install on it.
2. "Malware" means whatever Google says it means, and their terms and conditions change daily; today malware is banking scams, tomorrow it is … ad-blocking? VPNs? Their decisions are un-reviewable and opaque, and they have obvious commercial incentives to block certain kinds of (otherwise-legal) software.
3. Centralizing global developer registrations through a US corporation makes it subject to the rules (and whims) of the current regime. Citizens of sanctioned countries or members of sanctioned entities (like the International Criminal Court) will be legally barred from registering, blocking them from creating and distributing software _anywhere_ in the world (not just the US).
4. Scenarios that Google claims ADV will protect against — such as high-pressure phone calls manipulating vulnerable users into installing scam apps — have _already_ been addressed by incremental improvements to Android security over the years, such as "Enhanced Fraud Protection" introduced in Android 13 (and expanded in Android 15). Android has incrementally improved its security features over its near 20 years of existence. There is no evidence that anything has suddenly changed to justify such a disproportionate and extreme lockdown.
5. Being required to pay Google for the privilege of uploading your government identification so that you might be permitted to contribute to the Android software ecosystem is such an abominable insult to the developers that helped build the platform. It deserves all the utter contempt that has been heaped upon it thus far, and begs regulatory scrutiny from those few countries that still have the courage to stand up to these bullies.
We emphatically recommend against developers signing up for this program or endorsing it in any way.
https://news.ycombinator.com/item?id=47354917
This is a case of companies forcing things on us "for our own good" and them knowing better than us what is good for us or not.
>
Android is for everyone. It’s built on a commitment to a... safe platform.These two statements contradict. When something is public, it is not entirely safe; and to make something safe, there is exclusion of practices, behaviors, and often people.
> So as an extra layer of security, we are rolling out Android developer verification to help prevent malicious actors from hiding behind anonymity to repeatedly spread harm.
1. Well, then, surely Google can't be in charge of this process, because they are a malicious actor, known to manipulate social media search results and engage in mass surveillance of its users. And that's in addition to analyzing their personal data to try to manipulate them into buying things; which is called "targeted advertizing", but I would also characterize as harm.
2. To be slightly less tongue-in-cheek: Imagine that a two would prevent entry of unverified people - you know, to prevent malicious anonymous actors from bringing harm. That would be ridiculous - nobody should be able to restrict public space. Well, the space of computation and communications via our handheld phones/computers is enough of a public space to merit the same principle. Which means that it is not acceptable for it to be under Google/Alphabet's control. Government regulation could mitigate this problem, but then, governments collude with large corporations and often approve of such restrictions.
I guess I can sort of manage to keep my head above water and keep buying secondhand phones which I unlock and install a supported version of LineageOS. But it's cumbersome, it gets more difficult and more restrictive every time. And I literally have a doctorate in computers for crying out loud! Is there any hope for Granny? For a kid? For >99% of people? Of course not.
This is so clearly a matter for government oversight: prevent abuse, monopolies, protect the citizen's safety, rights, welfare, etc. It's not reasonable to expect consumers to figure out if the meat they buy is tainted, just as it's not to figure out if their phone spies on them, manipulates information, or sells their data (especially when there's a duopoly). That's why we have laws and food inspectors, paid for by the public, working for the public. Same thing with digital rights.
Personally I am hopeful that people work toward a completely new, non-Android OS. 15 GB of space on my phone, and 1.5 GB of RAM, is dedicated to Android OS alone. This design, and the control this company (and the mobile providers, and device manufacturers) have over the mobile world, is ridiculous. Let's start over.
"Those who give up freedom for security deserve neither."
> However, our recent analysis found over 90 times more malware from sideloaded sources than on Google Play
https://android-developers.googleblog.com/2025/08/elevating-...
> The scale of this threat is significant: our recent analysis found over 50 times more malware from internet-sideloaded sources than on apps available through Google Play
Bald face lies are getting baldier.
> It’s only when a user tries to install an unregistered app that they’ll require ADB or advanced flow, helping us keep the broader community safe while preserving the flexibility for our power users.
So, we have a sideloaded app now. Which has been increasingly tricky for our users to install. The warning they get is hard to understand. Does this mean essentially the end of sideloading?
Does anyone here have experience using Ubuntu Touch? That's the closest thing I've seen to "generic touchscreen linux" for mobile phone hardware. I'd love a device that works for multimedia, navigation, web browsing, and a handful of APKs like various chat apps (and really anything can can arbitrarily use the hardware), but it seems like tying a cellular modem to this ends up fucking up the whole dream because of carrier and manufacturer motivations/compensations.
> our recent analysis found over 90 times more malware from sideloaded sources than on Google Play.
So, what I'm being told is; there's lots of malware on Google Play? Thank goodness for f droid (for now).
I stopped because Pixel AOSP phones were actually decent.
Now I guess i'll be buying phones based on which I can flash with custom roms again.
Maybe not expose potential internet users to such as high obstacle if your goal is to get their eyeballs to buy your advertised product???
Will bypassing this bureaucracy be just a matter of buying a Chinese Android phone?
Oh and my three personal apps that I installed via adb (not released on playstore) - the moment they stop working on my phone or hassle me about verification, I will get in my car and go buy an iPhone.
Next will be to degoogle the rest of my life, which is luckily only gmail. Guess how long it will take me to port out? Less than two days.
I only let companies violate me once. Then I'm out.
Play store is the biggest piece of trash malware system that exists today, but us normal businesses have to pull teeth and spend days jumping through hoops to get an app out, but the playstore is filled with infinite garbage that rot childrens brains.
Wake up.