Google will let "power users" continue to sideload apps from unverified developers - Liliputing

Most phones, tablets, and other devices that ship with Google’s Android operating system come with the Google Play Store pre-installed. But as long as Android’s been around, there’s also been a feature that lets you install apps downloaded from other sources through a process generally known as “sideloading.”

But this summer the company announced that it was going to require developers of apps that aren’t available in the Play Store to register with Google if they wanted users to be able to continue sideloading those apps. Google says this is a security measure that will make it easier to protect users – and there’s certainly a case to be made that the move would have that impact. But it would also have a devastating impact on F-Droid and other apps and app repositories that want to steer clear of Google’s rules and restrictions.

Now Google has announced that, in response to feedback, the company will continue to allow developers and “power users who have a higher risk tolerance” to continue sideloading apps from unverified developers. But you’ll have to jump through some hoops to do it.

In a blog post announcing that the new developer verification process is now available, Google also notes that once the new system is fully rolled out, there will be at least two ways to continue installing unverified apps.

1. There will be a new developer “account type for students and hobbyists” that allows “you to distribute your creations to a limited number of devices without going through the full verification requirements.” This is aimed at folks who just want to make a custom app for friends, family, or other small groups, not those who want to make their apps widely available though.
2. The bigger news is that Google is “building a new advanced flow that allows experienced users to accept the risks of installing software that isn’t verified.”

Google hasn’t spelled out the steps that users will have to take yet, but the stated goal is that it should be complicated enough and come with enough warning labels that it would be difficult for a scammer to trick anyone into installing a malicious app. For example, if somebody calls you and claims to be a representative of your bank and tells you that you need to download and install an app to verify your identity, you’d be greeted by warning screens on your device alerting you to the risks associated with installing an app from an unverified developer, which would hopefully make you think twice about double-checking to confirm whether that call really is coming from your bank.

There is some precedent for this – there are certain features that are available to advanced Android users that require you to enable developer options. That usually means opening your phone’s Settings app, navigating to the About Phone section (and maybe a sub-menu on models from some phone makers), and then tapping seven times on the Build number. This is relatively easy to do if you know how, but pretty difficult to do by accident.

Hopefully the new “advanced flow” for sideloading unverified apps walks a similar line. We should know more in the coming months – Google says it’s currently “gathering early feedback on the design of this feature.”

via Android Authority