
Google Details New 24-Hour Process To Sideload Unverified Android Apps (arstechnica.com) 68

An anonymous reader quotes a report from Ars Technica: Google is planning big changes for Android in 2026 aimed at combating malware across the entire device ecosystem. Starting in September, Google will begin restricting application sideloading with its developer verification program, but not everyone is on board. Android Ecosystem President Sameer Samat tells Ars that the company has been listening to feedback, and the result is the newly unveiled advanced flow, which will allow power users to skip app verification. With its new limits on sideloading, Android phones will only install apps that come from verified developers. To verify, devs releasing apps outside of Google Play will have to provide identification, upload a copy of their signing keys, and pay a $25 fee. It all seems rather onerous for people who just want to make apps without Google's intervention.

Apps that come from unverified developers won't be installable on Android phones -- unless you use the new advanced flow, which will be buried in the developer settings. When sideloading apps today, Android phones alert the user to the "unknown sources" toggle in the settings, and there's a flow to help you turn it on. The verification bypass is different and will not be revealed to users. You have to know where this is and proactively turn it on yourself, and it's not a quick process. [...] The actual legwork to activate this feature only takes a few seconds, but the 24-hour countdown makes it something you cannot do spur of the moment.

But why 24 hours? According to Samat, this is designed to combat the rising use of high-pressure social engineering attacks, in which the scammer convinces the victim they have to install an app immediately to avoid severe consequences. "In that 24-hour period, we think it becomes much harder for attackers to persist their attack," said Samat. "In that time, you can probably find out that your loved one isn't really being held in jail or that your bank account isn't really under attack." But for people who are sure they don't want Google's verification system to get in the way of sideloading any old APK they come across, they don't have to wait until they encounter an unverified app to get started. You only have to select the "indefinitely" option once on a phone, and you can turn dev options off again afterward.
"For a lot of people in the world, their phone is their only computer, and it stores some of their most private information," Samat said. "Over the years, we've evolved the platform to keep it open while also keeping it safe. And I want to emphasize, if the platform isn't safe, people aren't going to use it, and that's a lose-lose situation for everyone, including developers."

  • by Zarhan ( 415465 ) on Thursday March 19, 2026 @03:08PM (#66050074)

    Can you authorize a 3rd party app repository to install APKs from there, but prevent random stuff downloaded from the Internet?

    Overall, I like this approach, and maybe *slightly* more idiot-proofed than the current one where you can just install anything after one prompt. But I'd like the possibility to allow permissions for a trusted source to install additional ones and have the 24-hour counter for other stuff.

    • Re: (Score:2, Informative)

      by luther349 ( 645380 )
      It sounds like all they're doing is adding a 24 hr timer to the allow 3rd party apps option.
      • That's what I thought as well.
      • Yes. But the vast majority of people being scammed won't have it turned on, so when the scammer talks them through the process, there'll be a 24-hour wait. Scammy McScammer isn't going to wait 24 hours for "YOU NEED TO INSTALL THIS NOW!!!!" scam.
      • It's more than a 24 hour option, but yes, ultimately once you go through the process the unlock is permanent. (You have to do things like enable developer mode - usually a hidden setting - and reboot the phone too.)

    • by Zocalo ( 252965 )
      Similar concerns here, both for F-droid apps and DJI's - which require installing from an APK downloaded directly from DJI to get the latest version. I only have a handful of apps I sideload, and when I'm not updating those I tend to have the ability to sideload turned off for the modicum of additional security afforded against inadvertent user error. If I either need to go through this 24-hour process every time I update the apps, or leave sideloading permanently enabled (which I'd be more likely to do,
      • If I wanted a walled garden, I'd have bought an iPhone.

        At this juncture I'm thinking the same. At some point I'll absolutely have to replace my ancient Samsung A520. If I can't put together an Android-based phone with a LineageOS version that allows immediate installation of any apk file I choose, from any source, then I might as well go with Apple.

        But if it comes to that, I may get a cheap feature-phone for phone calls and texts, and a Pinephone or something similar as a pocket computer for web browsing and mail.

        I really can't stand any iOS UI I've played with

        • by jvkjvk ( 102057 )

          I wouldn't get an Apple. It works until it doesn't. You can do everything right and still have your phone f*d up. I lost my entire backup, *after* backing it up per their directions and verifying it. Talked with Apple Support for over two hours and finally they said (basically) "Sucks to be you!" And since I did the backup to perform a factory reset on the phone, after I did that I lost *everything*.

          I'm getting an Android next time I need a phone.

        • If I can't put together an Android-based phone with a LineageOS version that allows immediate installation of any apk file I choose, from any source, then I might as well go with Apple.

          What? The Apple experience is dramatically worse than Android. You can't even change to a decent keyboard. Users have been asking them for fixed number keys during password entry for years and not only has Apple said "you don't want that, suckers" but they also don't let you swap to a better keyboard like Android has since... gingerbread?

          But also, you don't need LineageOS in order to install any apk you choose, you just need to wait 24 hours after turning on sideloading. This sucks, it's irritating, it's my

      • by SB5407 ( 4372273 )

        If I either need to go through this 24-hour process every time I update the apps, or leave sideloading permanently enabled...

        Google says the 24 wait is "one-time only": https://blogger.googleusercont... [googleusercontent.com]

        However, the next step in the flow is to allow unregistered apps to install for the "next seven days" or "indefinitely". So what does one do if they select "seven days" and two weeks later they want to install something? Presumably there won't be a 24-hour wait because Google says that's a "one-time" thing. But the user also chose to allow the installations for only seven days. So which is it? And if the user selected "seven days"

      • Let's be honest that there are no mobile phones that aren't a walled garden. It becomes increasingly hard to install one's own operating system on any of them and to be honest, even on desktop computers it's quite hard to get around things like the intel management engine. This is just the reality of things sadly.

        I don't really like Android and how the interface works, but it's not like my desktop where I can just install whatever window manager I like that does suit my taste or even program my own if need

    • Re: (Score:2, Interesting)

      by AleRunner ( 4556245 )

      Can you authorize a 3rd party app repository to install APKs from there, but prevent random stuff downloaded from the Internet?

      To verify, devs releasing apps outside of Google Play will have to provide identification, upload a copy of their signing keys, and pay a $25 fee. It all seems rather onerous for people who just want to make apps without Google's intervention.

      That's the other case. Or to put it more simply "no". Google will treat an app installed from F-Droid like an app that's side loaded. If it's verified then fine - no problem. If it isn't verified then it won't install.

      This basically forces F-Droid to mostly carry veri

      • No, it doesn't. It requires you to turn on side loading in the developer settings and wait 24 hours. This is in TFS.

        • If you don't have that turned on (because you are a normal user) and you install a verified F-Droid app, then the F-Droid app should be able to install verified apps without you having to either work out how to turn on developer actions or wait 24 hours.

          • I agree. Even this is pretty crappy. But it is neither as crappy as what Google said they would do, nor as crappy as what many people in this discussion are saying they are doing.

            They will very possibly try to alter the deal further in the future, so I am not exactly dancing in the streets over this, but it's still good news.

    • Anything that gives YOU control is taken away. You can only suggest to the OS that your preferences be taken into account, which they won't be during every update, just like Microsoft. Have you noticed that every Samsung phone has the same ringtone now? I know for a fact that I had a custom ringtone, and can set a custom ringtone again; however, I am weary of fighting so now, I have no idea if it is my phone or somebody else's phone sending a notification or ringing.

      FUCK ALL CORPORATIONS, I no longer want t

  • by SumDog ( 466607 ) on Thursday March 19, 2026 @03:09PM (#66050078) Homepage Journal
    Seems like a good way for people to try to install an alternative store and then forget about it. 24-hours is insanely long in modern-attention-span/Internet time. Someone might start to install F-droid and NEVER finish.

    It also means that it could take 24 hours after I buy a new phone to de-google it and make it usable if it applies even after an OEM unlock and flashing to LineageOS (which hopefully it won't, but who knows at this point). Adding scare tactics like this is just another way to lock people in, making your device owned by Google and not you. It's an entire world full of computer illiterate people that have allowed this insane market (started by Apple) of personal devices that you buy that you literally don't have admin access on. Imagine Microsoft trying to do that with Windows NT4? You have to go into BIOS, disable some stuff, then copy an OEM unlock key to a floppy, then do x/y/z, before you're allowed to create an Administrator account? Without it you can only load CDs that have Microsoft verified signatures on them?
    • Assuming once you enable it it stays on, that's not too bad really.
      • by allo ( 1728082 )

        Most people will only want to install one appstore and then use it. Now assume they want an epic store and need to wait 24 hours. Maybe they have forgotten about the apk for the store afterward. App(store) distributors are convincing users "right now" and Google makes them wait 24 hours. That ruins the marketing of the competition, who was happy to get the user's attention right now and know that they won't get it again that soon.

    • Seems like a good way for people to try to install an alternative store and then forget about it. 24-hours is insanely long in modern-attention-span/Internet time. Someone might start to install F-droid and NEVER finish.

      Most people who want to install F-droid will just toggle this when they take delivery of their new phone and be done.

    • "You will own nothing and be happy."

    • Seems like a good way for people to try to install an alternative store and then forget about it. 24-hours is insanely long in modern-attention-span/Internet time. Someone might start to install F-droid and NEVER finish.

      No one starts installing an entire app store and forgets to finish. I would understand if you were talking about an individual app sure, but not an entire store.

      It also means that it could take 24 hours after I buy a new phone to de-google it and make it usable if it applies even after an OEM unlock and flashing to LineageOS

      Nitpick: It doesn't take 24 hours to degoogle it, it takes 24 hours to do something non-google with it. LineageOS is already de-googled.

      • FWIW, people with multiple residences in different Google regions, (US & EU for example), have to choose which Play Store region they prefer to live with and stick with their choice for at least a year, before they can switch again. The first switch after phone purchase is a little more lenient as I recall, but not after that. As I recall, Chipotle and Panera Bread are only available in the US Play Store region, not in the EU for example.

    • insane market (started by Apple) of personal devices that you buy that you literally don't have admin access on

      That was 1985 with the Nintendo Entertainment System and the Atari 7800 ProSystem, the first popular home computing devices to use cryptography to lock out unauthorized software. Between that and the iPhone was the TiVo DVR, the first popular home computing device to use cryptography to lock out unauthorized derivatives of copylefted software.

  • Depending on how it's implemented...

    1. Set the clock back by a few days

    2. Toggle the setting

    3. Set the clock correctly

    I wonder if that will work?

  • by Njovich ( 553857 ) on Thursday March 19, 2026 @03:23PM (#66050100)

    So any scammer will just use some stolen keys or id & credit card info and get easy access to your phone, and legit users will have to jump through stupid hoops including a 24 hour wait period.

    They haven't added a single worthwhile feature to android in 5 years and yet their enshittification programme is working fine.

  • by Anonymous Coward
    ... you probably would not let Google near your phone!
    • I am worried about security, but no phone manufacturer is. I put a custom "rom" on my phone, but google has spoiled it already before I even had a chance to buy it. The problem is not the customer, it is google and the manufacturers
  • Scammers are a huge issue. A 24 delay is reasonable. Most people don't sideload anything. This will only affect some power users. Even power users get scammed. I have GrapheneOS, so I doubt it will affect me.
    • by allo ( 1728082 )

      When you last enabled sideloading you should already have gotten huge warnings "Someone may want to scam you". Do users really need a babysitter that enforces wait time, when they could just read the warnings? Allow people some responsibility for themselves.

      • I honestly don't remember what the warning was, because I knew what I was doing. Despite somebody modding what I wrote as flamebait for some reason, I think the bigger issue is that these OSes are so insecure. Which, again, is why I like GrapheneOS. AFAIK, it's actually reasonably secure between apps.
        • by allo ( 1728082 )

          I don't think they are insecure. Android puts every app in its own sandbox and allows outside access only via defined APIs that restrict what the app can access (e.g. the standard storage api requires the user to pick a file using a system dialog instead of granting full access). That's more secure than PC systems that rarely sandbox apps.

          The difference is, that the ecosystem is full of malware. The appstores never had an incentive to get rid of ad- and spyware (according to PC standards) as they get their

          • GrapheneOS allows blocking network access, and dramatically limits the ability of apps to gather analytics unless the user authorizes them.
    • It'll potentially affect in-house mobile software negatively, using Google's enterprise software management is already pretty rough
      • Anybody running in-house software can go through the small hurdles needed to get this working.
        • You'd think so but man do I feel like Elrond "Our list of allies has grown thin" whenever resourcing upgrade projects comes up
  • by BrendaEM ( 871664 ) on Thursday March 19, 2026 @03:42PM (#66050122) Homepage
    Android is a cesspool because they do not care if vendors make unrealistic personal information demands. I think that comparatively, few people side-load, so Android is trying to scapegoat side loading for their ecosystem problems.
    • Parts of android are a cesspool sure.

      For someone like me, it isn't. Real Firefox, with no script, unlock and privacy Badger, plus a nice selection of F/OSS apps on F-Droid make it the least cesspooly system. Oh and I get a fucking terminal and vi.

      Why would I want a pocket computer without an interface that Adonai (blessed be he) intended?

    • I see no difference between Android and iOS for the same set of apps. People want what people want, and companies who like to rape privacy will rape privacy. Pretending this is an Android thing is stupid.

  • by Hentes ( 2461350 ) on Thursday March 19, 2026 @04:40PM (#66050206)

    To this day, the Play Store allows anyone to publish an app with the exact same name as an already existing one. Google doesn't give a fuck about security, this is about control.

    • Good point. It is maddening to see hundreds of programs all called 2048 when you are trying to get one specific one. These apps do not even have an id that one can use to locate later. What kind of software engineering is this?

  • Would phones that bypassed verification and/or installed unverified apps still pass bank-app-level checks?

  • Build a system that even a fool can use, and only a fool will want to use it.
  • by WaffleMonster ( 969671 ) on Thursday March 19, 2026 @06:43PM (#66050442)

    The phrase "sideload" is psychological propaganda we are all best off rejecting. There is nothing "side" about loading software you choose to use onto your own device.

    Aggression is unsurprisingly always justified in terms of safety. Android permission system is intentionally engineered to own users by enabling the very same victimization they now claim they care about preventing.

    Android could for example trivially allow users to deny access to networks, location, contacts or reveal identifiers like IMEI without an application's knowledge rather than present day take it or leave it demands. The fact these things are not possible without root speaks to Google's actual intent and priorities. People are needlessly being spied on and spammed en masse because Google selfishly cares more about its interests than it does the interests of users.

    When it is in Google's interest to add even more hoops for users to jump through to make it harder to install software on their own devices from competing sources then and only then do they pretend to care in order to justify unnecessary fuckery as a security feature.

    Google Play services is itself offensive malware and the Google app store is a race to the bottom ecosystem that actively encourages the production and distribution of malware. F-droid is infinitely more secure than anything Google has to offer.

    I hope this finally starts to crack the growing disease that is software dependencies on Google play services and more vendors start offering Google free phones by default.

    • What?
    • >"Android could for example trivially allow users to deny access to networks, location, contacts or reveal identifiers like IMEI without an application's knowledge rather than present day take it or leave it demands."

      ^^THIS, exactly

      I bought a car 12V battery monitor that has a required app to gather the data via bluetooth. Simple, right? Well, no. The app REQUIRES location to be on. And ALL THE TIME. Why? They claim Google's bluetooth system requires location services. Why? And if you refuse, the

    • The first +6 Insightful of the year. Well said. In particular:

      Android could for example trivially allow users to deny access to networks, location, contacts or reveal identifiers like IMEI without an application's knowledge rather than present day take it or leave it demands. The fact these things are not possible without root speaks to Google's actual intent and priorities. People are needlessly being spied on and spammed en masse because Google selfishly cares more about its interests than it does the interests of users.

  • We build many professional Android and iOS apps for the trucking, logistics, shipping and related industries. It is a complete disaster, what Android app store has become over the 11 years we have been dealing with them. Things are only getting worse, more complicated, longer, more expensive. I don't know what they have achieved with this but they haven't made it safer.

  • Google were trying to close down the platform with the mandatory registration of developers, but they also knew that they needed to be seen by (mainly European) regulators to have a security justification for doing so. The degree of openness/closeness of app stores and the charges applied therein is the battle for control of computing today. I believe that Google realised they were over-reaching and corrected their direction, by allowing sideloading but by making it as complex and annoying as possible. This
  • Except there are phones being sold now by cricket and maybe others that have developer mode turned off for 6 months of paid subscription.

  • The problem is with the basic model. Security is rendered moot every time you install an app. Regardless of whether its side-loaded or hosted on the Google Play store.
  • A lot of people in the comments are misunderstanding how this works. It's only a 24 hour timeout for unverified apps, not any apps coming from outside the Play Store. Presumably any big developers making legitimate apps would just pay the $25 to get verified, so you can just download and install the APK. If you really do want Google to fuck off and let you do whatever you want to your phone, that's when you have to wait 24 hours. Is this amazing? No, I'd much rather have a way to pass some kind of test
    • A lot of people in the comments are misunderstanding how this works.

      I don't think there is much in the way of misunderstanding.

      It's only a 24 hour timeout for unverified apps, not any apps coming from outside the Play Store.

      Still a long wait...and while I could perhaps understand a 15-minute wait (long enough for someone to realize it's a unique request), it's unnecessarily long and disproportionately punishes people who don't kiss the Google ring. Microsoft got called into court for doing FAR less to Netscape.

      Presumably any big developers making legitimate apps would just pay the $25 to get verified, so you can just download and install the APK.

      ...which also requires photo ID and a bunch of other hoops, which is a whole headache for FOSS apps. Besides, "verified" means that it's up to Google to bless th

    • The main reason I sideload is to install old versions of apps, usually from large corps like Samsung or Google itself. These are NEVER hosted on the corp's website, will they be "verified"?

      • by tepples ( 727027 )

        If the developer has ever published the application on Google Play Store, this means the developer is verified, and the unmodified APKs still work on devices that haven't gone through this 24-hour process.

  • Everything not prohibited is compulsory.
