Google has made an announcement stating that, beginning in 2026, all apps installed on Android devices—whether they are sourced from Google Play or third-party avenues—will be required to go through developer identity verification. This decision is a response to Google's internal data, which reveals that the proportion of malicious software in apps downloaded from non-official sources is over twice that of apps from Google Play.

The primary goal of this verification is to bolster the credibility of app sources and curtail the risks associated with malicious activities carried out by individuals who take advantage of anonymity. It's important to note that the verification process does not involve a review of the app's content itself. Instead, it will enable Google to more efficiently track and block developers who engage in unscrupulous practices.

This new regulation will solely apply to 'certified' Android devices that come pre-installed with Google Play Protect and other Google security applications. Google has outlined a timeline for the implementation of this initiative. It plans to initiate an early verification program in October 2025, fully open up the verification process in March 2026, conduct a pilot program in Brazil, Indonesia, Singapore, and Thailand in September 2026, and subsequently roll it out on a global scale in 2027 and the years that follow.