Relatively easy app sideloading has been one of the greatest advantages Android has had over iOS for ages, but last year Google said it wanted to change that. While walking back some of its more restrictive ideas, the company promised to add high friction to the process. Now, we have more details about what that actually means, and it looks like that promised friction is no joke.
Google’s new app sideloading process is slow and tedious by design
Google is introducing fundamental changes to the process of installing apps that are coming from outside its Play Store. The company says in a blog post that it is intentionally making the process slow, tedious, and impossible to rush. Its idea is to introduce an installation flow that’s difficult enough to protect the average Android users from scammers using high-pressure tactics to coerce users into installing malicious apps in an emergency rush. Meanwhile, advanced users will have a one-time process that will still allow them to freely sideload apps whenever they want.
You’ll need to wait 24 hours before installing Android apps from unverified developers
The new flow for sideloading apps from unverified developers. | Image by Google
The most tedious part of the new process is that it includes a 24-hour lock before you can install an app from an unverified developer. The full process has six steps, each of which has a specific role in protecting potential scam victims. Here are all the steps with details on how each of them protects users:Enable Developer Mode: You need to manually and intentionally enable developer options before starting the install process without seeing an automatic pop-up.Confirm you’re not being coerced: You’ll need to explicitly confirm nobody is pressuring you into disabling your device’s protections.Restart your phone: This step is designed to cut off active calls, remote access, or screen sharing, which are often used by scammers.Wait 24 hours and reauthenticate: Google’s “protective waiting period” is a one-time measure to give you time to think over the manufactured urgency of scammers.Install apps: Before the installation you’ll see one more warning about the app being from an unidentified developer, but you can just tap “Install anyway.”
During the new process, you’ll be able to choose whether installing apps from unidentified sources should remain active for 7 days or indefinitely. That would allow you to freely install as many APKs from different developers as you may want for the time you have selected. That step is the reason Google says this is a one-time process for advanced users.
What is a verified developer?
The three scenarios for sideloading apps on Android. | Image by Google
The most important element of the new process is that it will be required for installing apps from unverified developers. Those will be developers who haven’t passed Google’s new Android developer verification requirements, which the company announced last year. The new rules will require developers to provide details such as their legal name, address, email address, and phone number, and in some cases a copy of a government-issued ID to Google or pay a registration fee.
There will be some exceptions to this process, though. Google will provide students and hobbyists with limited distribution accounts. Those will allow sharing apps with up to 20 people without providing a government-issued ID or paying a registration fee.
The change is coming soon, but you probably shouldn’t fret about it
Both the limited distribution accounts and the new installation flow will be rolled out to users in August. Then, the new developer verification requirements will take effect in Brazil, Indonesia, Singapore, and Thailand, followed by a global rollout sometime in 2027. While the changes may sound very drastic, for the vast majority of Android users almost nothing will change. As long as you stick to Play Store apps, you won’t need to do anything different. However, if you’re using third-party app stores and sideloading apps regularly, you’ll need to jump through some hoops.
One thing we have yet to see is how developers react to the change. If there’s a mass boycott of Google’s new system, more users may be forced to clash with this process. I doubt that will be the case because there are very few reasons for legitimate developers to avoid Google’s verification. If that helps fewer users get scammed through malicious apps, I think it’s a good move on Google’s part.
$5/mo off for 5 years on Visible premium plans
New members get $5/mo off the $35/mo Visible+ plan or $5/mo off the $45/mo Visible+ Pro plan for the first 60 months when they port-in from an eligible carrier. Use code 5OFF5 at checkout to save up to $300.
Buy at Visible
View Full Bio
Ilia, a tech journalist at PhoneArena, has been covering the mobile industry since 2011, with experience at outlets like Forbes Bulgaria. Passionate about smartphones, tablets, and consumer tech, he blends deep industry knowledge with a personal fascination that began with his first Nokia and Sony Ericsson devices. Originally from Bulgaria and now based in Lima, Peru, Ilia balances his tech obsessions with walking his dog, training at the gym, and slowly mastering Spanish.
Read the latest from Ilia Temelkov
GIPHY App Key not set. Please check settings