Google confirms biggest shake-up to Android in years as it battles to block dangerous malware

a woman holding a samsung phone at the camera with a warning symbol

Google has announced a dramatic shake-up to Android that it believes will reduce the amount of malware available to download on its devices, after analysis found that sideloading is 50x more likely to see phone owners stumble across malware

|

SORA | GB NEWS

Aaron Brown

By Aaron Brown


Published: 27/08/2025

- 09:37

All products and promotions are independently selected by our experts. To help us provide free impartial advice, we will earn an affiliate commission if you buy something. Click here to learn more

desktop-comment

You'll still be able to download Android apps from outside of the Play Store

Google just announced one of the biggest overhauls to Android since its inception.

For the first time, Google will require all developers to verify their identity before their software can be installed on any Android device. This has always been the case with downloads from the Play Store, the app repository run by Google. However, the rules now apply to apps that are "sideloaded" too.

The latter refers to the process of installing an Android app from a source outside of the Google Play Store. This means downloading an Android Package (APK) file from the internet and manually installing it onto your device. Sideloading offers access to software that isn't available in the Play Store, but carries security risks, since Google isn't running checks on these apps for malware or security issues. With the new rule, it will vet the developers behind the software.

Google verification banner image

Google will offer its new verification system in Brazil, Indonesia, Singapore, and Thailand first, before rolling-out to more countries worldwide in the coming months

|

GOOGLE PRESS OFFICE

Google made the decision after new analysis found "over 50 times more malware from internet-sideloaded sources than on apps available through Google Play".

It hopes that checking the identity of all developers who make Android apps available to download will better protect users from "bad actors spreading malware and scams."

The ability to sideload remains one of the biggest differences between Android and iOS — the operating system that powers the iPhone. While the former has always offered the ability to download and install software from a variety of sources online, Apple has always restricted iOS and iPad apps to its App Store in the name of security.

In a blog post about the seismic shift for Android, Vice President of Product, Trust and Growth for Android, Suzanne Frey explained: "As new threats emerge, we’ve continued to evolve our defences. Following recent attacks, including those targeting people's financial data on their phones, we've worked to increase developer accountability to prevent abuse.

"We’ve seen how malicious actors hide behind anonymity to harm users by impersonating developers and using their brand image to create convincing fake apps. The scale of this threat is significant: our recent analysis found over 50 times more malware from internet-sideloaded sources than on apps available through Google Play."

The shake-up will be slowly rolled out worldwide. Google has provided a rough timeline of the implementation of its new features:

  • October 2025 | Early access to the new verification system begins. Invitations will be sent out gradually
  • March 2026 | Verification requirement opens for all developers
  • September 2026 | Strict new requirements will come into effect in Brazil, Indonesia, Singapore, and Thailand. At this point, any app installed on a certified Android device in these regions must be registered by a verified developer
  • 2027 and beyond | Google will continue to roll out the new requirements worldwide

Get 52% off NordPass password manager

NordPass is a secure password manager that works across your favourite devices, including iPhone and Android, Windows and Mac, and more. It'll evaluate your password strength, autofill login details, and warn about data breaches on the Dark Web that impact you. It's a one-stop-shop to fight back against hackers from the team behind the award-winning NordVPN

NordPass
$2.57 $1.09
Buy Now

Switch to 1Password for free

The award-winning 1Password is designed to generate and store unguessable passwords, passkeys, credit card numbers, national insurance numbers, and much more. Its built-in WatchTower feature evaluates password strength and warns about data breaches that impact you. 1Password is currently free to test for 14 days with no obligation to subscribe

1Password
$2.99 $0
Buy Now

Google likened the process to "an ID check at the airport", with the company confirming the identity of the developer behind the app you're trying to download — but not reviewing the contents of the app. This isn't a move from Google to restrict certain types of software from becoming available on its devices.

LATEST DEVELOPMENTS

Ms Frey added: "To be clear, developers will have the same freedom to distribute their apps directly to users through sideloading or to use any app store they prefer. We believe this is how an open system should work — by preserving choice while enhancing security for everyone."

Whether this new process will help reduce the number of threats faced by Android users remains to be seen, but fingers crossed, smartphone and tablet owners are a little safer after this new requirement rolls out in the coming years.

TechGoogleMalwareAndroid
More From GB News