Google is introducing a developer verification program for Android apps starting September 2026 in select regions, requiring developers to register personal details regardless of app source. The measure aims to enhance security by increasing accountability, but critics argue it threatens open source projects and user choice. An open letter opposing the program has garnered support from numerous organizations.
Google announced its Developer Verification program in August 2025, with implementation beginning in September 2026 in Brazil, Indonesia, Singapore, and Thailand, followed by a global rollout in 2027. On certified Android devices, all apps—from the Play Store, third-party stores, or direct APK downloads—must come from verified developers. Verification involves registering legal name, address, email, and phone number via the Android Developer Console, with some requiring government-issued ID. Organizations need a D-U-N-S Number, which can take up to 30 business days. There are two tiers: a $25 one-time fee for Full Distribution and a free Limited Distribution for students and hobbyists, skipping ID requirements. ADB installs and enterprise-managed devices are exempt. Google justifies the program as a security step, citing research that sideloaded apps are over 50 times more likely to contain malware than Play Store apps. The goal is to tie developers to real-world identities, making it harder for malware distributors to create new accounts. However, projects like F-Droid, which compiles and distributes open source apps, face existential challenges. F-Droid states it has no viable path forward, as requiring volunteer identities contradicts its principles, and claiming app ownership is impossible. IzzyOnDroid, distributing developer-signed APKs, is similarly affected. The Keep Android Open initiative launched an open letter to Google, signed by 56 organizations from 19 countries, including the EFF, FSF, Tor Project, Proton, KDE, LineageOS, CryptPad, Nextcloud, Vivaldi, and Software Freedom Conservancy. The letter claims Google overreaches into non-Play Store channels, creates barriers for independents and researchers, and raises surveillance concerns due to centralized data. It urges developers to boycott the early access program. Without broad developer participation, apps from non-compliant sources may cease working on certified devices, potentially limiting options beyond the Play Store.
