[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fPKFpb9jZD9uwg1NrjgzMbWaWuZIzJnZAM8EYEDsMsmI":3},{"article":4,"iocs":42},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":24,"category":25,"article_tags":29},"0d13c71e-3c1f-4607-921a-a2ad2e5711c3","Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries","google-sets-sept-30-deadline-for-android-developer-verification-in-four-countrie-10f4ea","Google has set September 30, 2026, as the day it begins enforcing Android developer verification in the first four countries, and the major device-maker app stores are in from the start. On that date, certified Android phones in Brazil, Indonesia, Singapore, and Thailand will block normal installs of apps whose developers have not registered an identity with Google, whether the app","Google will begin enforcing Android developer identity verification on September 30, 2026, in Brazil, Indonesia, Singapore, and Thailand. Certified Android devices in these countries will block installations of apps from developers who have not registered their identity with Google. This measure aims to combat malware and scams, particularly affecting open-source app distribution channels.","Google mandates Android developer verification for app installs in Brazil, Indonesia, Singapore, and Thailand starting","Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries Swati KhandelwalJun 22, 2026Mobile Security \u002F Open Source Google has set September 30, 2026, as the day it begins enforcing Android developer verification in the first four countries, and the major device-maker app stores are in from the start. On that date, certified Android phones in Brazil, Indonesia, Singapore, and Thailand will block normal installs of apps whose developers have not registered an identity with Google, whether the app comes from Google Play or the stores run by Samsung, Xiaomi, OPPO, vivo, Honor, and Transsion. Certified devices are the ones that ship with Google's services and Play Protect, which, by F-Droid's count, is more than 95 percent of Android devices outside China. Most users will not notice, which is the point. Apps from verified developers keep installing as before. The friction lands on apps from developers Google has not verified, and is hardest on the independent and open-source channels, built on not needing Google's permission to ship. Developers distributing through those stores need to verify and register before the deadline. Google says apps that miss it will be unavailable for new installation on certified devices in the four countries. What flips on September 30 The check runs on the device. Google is pushing a new system service, the Android Developer Verifier, to phones on Android 8 and newer starting in June 2026, and it confirms an app is registered to a verified developer before the app installs. After September 30, in the four launch markets, an unregistered app will not install through the normal path. It can still be installed over Android Debug Bridge (ADB) or through the advanced flow, the deliberately high-friction route Google built earlier this year. That route makes the user turn on developer mode, restart, wait 24 hours, and reauthenticate before sideloading an unverified app, and it goes global in August. Registration opened to all developers in March, and Google says it already covers nearly all installs on Google Play and a large majority of those from outside it. To register, a developer gives Google a legal name, address, and contact details, may have to upload a government ID, and proves ownership of each app by submitting an APK signed with their private key. Google is also adding APIs for bulk registration and package-name checks, with OAuth delegation so a third-party store can run parts of the process for developers. The two interfaces, an Android Developer ID Status API and an Android Developer Console API, arrive in July. A separate lane for free limited-distribution accounts enters early access in July and launches globally in August; it lets students and hobbyists share apps with up to 20 devices, with no government ID and no fee. The standard full developer account carries a one-time $25 fee. Why the open-source camp is fighting it Google's case is malware. It says sideloaded sources carry far more of it than Google Play, and that scams increasingly work by talking a victim into installing a malicious APK on the spot. An identity check and a 24-hour wait are meant to break that. Google says it chose the four launch countries because they are hit hard by app scams, often from repeat offenders. The pushback has been loud since the program was announced in August 2025. F-Droid, the free-software app repository, says the requirement would end its project, because it builds and signs apps from many pseudonymous contributors who will not hand Google a legal identity. A Keep Android Open campaign backed by more than 70 organizations in 23 countries has asked Google to drop the ID checks for apps shipped outside Play. Google's concessions, the advanced flow, and the 20-device accounts answer the complaint that sideloading was being killed. They do not touch the deeper one: a single company would sit at the installation path for nearly every Android device outside China and decide who gets the smooth lane. Three questions stay open before the global rollout in 2027: whether Google spells out an appeals process for developers it flags by mistake, what it keeps in the identity registry and for how long, and whether it offers any path for repositories like F-Droid that cannot meet the per-app ownership check without changing how they work. Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post. SHARE     Tweet Share Share Share SHARE  Android, App Security, F-Droid, Google, Google Play, Malware, mobile security, Open Source, Sideloading ⚡ Top Stories This Week Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows Anthropic Releases Claude Fable 5, Its Most Powerful AI Yet, With Cyber Safeguards Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities Cybersecurity Stars Awards 2026: Winners Announced Across 95 Categories ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw ⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More ⭐ Featured Resources Get the 2026 Guide to Govern and Secure Enterprise AI Agents at Scale [Watch Demo] See Which Security Gaps Attackers Could Exploit First AI Can’t Stop Every Attack. Learn How Zero Trust Can Block What’s Unknown Have You Outgrown Your MDR? 7 Warning Signs Every CISO Should Check","https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Fgoogle-sets-sept-30-deadline-for.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEisV9q8kKe0eopbInTHgwScUvzjKlnPTpk74j7M6F-6BH46hVr9wcadvztA2RYJdKDQDzpV89bN4wH0hEL9qTfIh2_4f3FEIT1OWwSeYehcOb-sVNNkEshTBBC6qviBMlFuwMXQL2iG_VVVBaT6NoGnbdcVBfcMm61T6NosKLtOdMgIebKCRh7hukQxIOk\u002Fs1600\u002Fplaystore.jpg","2026-06-22T12:45:08+00:00","2026-06-22T14:00:14.890034+00:00",7,[18,21],{"name":19,"type":20},"Android","product",{"name":22,"type":23},"Google","vendor","c5c77cdb-f7d7-4990-9436-c81dcbff1163",{"id":24,"icon":26,"name":27,"slug":28},null,"Policy","policy",[30,35,40],{"category":31},{"id":32,"icon":26,"name":33,"slug":34},"614132b8-5837-4952-b8b5-c6c9a32a1d85","Privacy","privacy",{"category":36},{"id":37,"icon":26,"name":38,"slug":39},"ade75414-7914-4e23-a450-48b64546ee70","Open Source","open-source",{"category":41},{"id":24,"icon":26,"name":27,"slug":28},[]]