Google to Require Identity Verification for Android App Developers: Here’s the Rollout Timeline – Source: www.techrepublic.com

Google will soon require all Android app developers to verify their identities, even if they do not list their apps on its Play Store. Currently, those who create “sideloaded” apps, which are downloaded outside the official app marketplace, are exempt from Google’s verification requirements.

However, as of Sept. 2026, this exemption will change.

“Android will require all apps to be registered by verified developers in order to be installed on certified Android devices,” Google wrote in a statement. “This creates crucial accountability, making it much harder for malicious actors to quickly distribute another harmful app after we take the first one down.”

Installations of any app that is not attached to either an identity-verified Play Console account or a new “Android Developer Console” account will be blocked. Google has stressed that the process of sideloading and distribution through alternative app stores will remain allowed, “preserving choice while enhancing security for everyone.”

Why developers, good and bad, opt for sideloading

There is a community of developers who create sideloaded apps for convenience. To list on the Play Store, a developer must have a Play Console account, which requires identity verification, a membership fee, and agreement to several policies.

This places a burden on those who may wish to remain anonymous or simply want to gauge interest in a prototype app. They may choose to distribute their apps through forums, Telegram, Discord, GitHub, or direct download sites instead of the Play Store.

However, bad actors also benefit from the anonymity of sideloading and have been known to distribute malware through the same unofficial app channels as innocent hobbyists.

“Recent analysis found over 50 times more malware from internet-sideloaded sources than on apps available through Google Play,” Google said.

Google Play Protect, the security software built into all Android devices, already scans apps for malware, regardless of whether they came from the Play Store or elsewhere. However, Google is also trying to add an extra layer of protection by stopping malicious app developers from hiding behind anonymity.

In practice, this means that any Android app developer without a verified Play Console account must acquire a new Android Developer Console account. Google says it will only be checking the developer’s identity, not the content of their app or its origin.

Apple has a similar practice in place for sideloaded apps on macOS. Installations of apps not associated with a verified Developer ID will be blocked by the Gatekeeper security feature or trigger a warning that discourages users from opening them.

Google requires specific developer info to create an Android Developer Console account

To create an account, developers must submit their identity information, including their legal name, address, email address, phone number, organisation name, and D-U-N-S number (if applicable).

Once logged into the Android Developer Console, they must then submit a government-issued identity document, such as a driver’s license or passport, and verify their phone number with a one-time password. They also need to submit an official organisation document and verify their website.

Once this verification is complete, the account holder can begin registering their app’s package names and signing keys. Only then will users actually be able to install the app on a certified Android device — those that come with the Play Store, Play Services, and other Google Mobile Services apps preinstalled.

Organisations will need to pay a $25 fee to open an Android Developer Console account, while individuals, such as hobbyists and students, will not. Registering apps that are not intended for distribution on the Play Store will also be doable through the Play Console.

However, unlike with the Play Console, the personal information submitted through the Android Developer Console for verification purposes will not be visible to app users, according to Android Authority.

Implementation timeline

Here’s how the rollout is scheduled to unfold:

• October 2025: Limited early access to the Android Developer Console opens. Those who sign up get access to an exclusive discussion forum, priority support, and the opportunity to provide feedback.
• March 2026: Verification opens for all developers.
• September 2026: Requirements take effect in Brazil, Indonesia, Singapore, and Thailand. These are places “specifically impacted by these forms of fraudulent app scams, often from repeat perpetrators.”
• 2027 and beyond: The requirements will gradually be rolled out globally.

Google is starting to allow European app developers to direct their users to payment options outside of the Play Store for in-app purchases.