Recently, Google announced that starting in 2026, only apps from verified developers will be installable on certified Android devices. Representatives of F-Droid say that if developers operating outside the Google Play store are required to undergo verification, it could threaten the existence of any alternative app stores, including F-Droid.
F-Droid has existed for 15 years and is an app store and repository of free and open-source software (FOSS) for Android. It provides an alternative to the Google Play store and allows users to search for, install, and update apps, as well as offering tools for developers.
According to the F-Droid team, Google’s proposed developer verification program threatens the free distribution of apps. Google claims that requiring developers to provide real information about themselves should reduce the amount of malware. However, even the official Google Play store is not free of malware, and F-Droid believes the new measures will not eliminate the risks associated with installing apps from third-party sources.
Recall that in August 2025, Google representatives announced that soon only apps from verified developers would be installable on certified Android devices. This measure is aimed at combating malware and financial fraud and is expected to apply even to apps installed from third-party sources.
The requirement will apply to all “certified Android devices,” that is, devices that run Play Protect and have Google apps preinstalled.
Back in 2023, similar requirements appeared in the Google Play Store, and the company claims this led to a sharp decrease in the number of malicious apps and fraud cases. Therefore, starting in 2026, these requirements will become mandatory for all apps, including those distributed through third-party app stores and via sideloading, that is, installation from third-party sources (when the user manually downloads an APK file to the device).
In this way, Google wants to combat “convincing fake apps” and make it harder for attackers who start distributing the next piece of malware soon after Google has removed the previous one.
At the same time, the company stated that “developers will retain the same freedom to distribute their apps directly to users through third-party sources or to use any app store they prefer.”
To implement this initiative, a separate and streamlined Android Developer Console will be created, intended for developers who distribute their apps outside the Google Play Store. After identity verification, developers will need to register the package name and signing keys of their apps.
Those who distribute apps through the Google Play store are “likely already compliant with verification requirements through the existing Play Console process,” where organizations are required to provide a D-U-N-S number (Data Universal Numbering System — a unique nine-digit identifier for legal entities).
It is expected that testing of the new verification system will begin as early as October, and the first Android developers will get access to it.
The verification requirement is set to take effect in September 2026 in Brazil, Indonesia, Singapore, and Thailand. Google explains that these countries are “particularly affected by such forms of fraudulent apps.” Then, in 2027, developer verification will begin to be applied worldwide.
As F-Droid representatives write, this verification approach will create serious problems for the operation of third-party app stores in general and F-Droid in particular. The platform, by design, does not permit tracking or intrusive advertising in the apps it distributes. Every project is provided as source code, reviewed, and built by F-Droid.
It is emphasized that F-Droid will not be able to require developers to undergo mandatory verification with Google or to “intercept” app identifiers in order to register them itself. After all, that would effectively amount to claiming the rights to distribute the apps.
F-Droid says the project won’t be able to continue operating if Google fully brings the Android ecosystem under its control through the developer verification program.
In addition to collecting personal data, Google intends to charge independent developers registration fees, and many of them distribute their software for free and will not pay. Already now, Google is asking participants testing the new system whether they can pay the application fee for verification in US dollars, which indirectly confirms its intention to charge developers.
The F-Droid team’s position is that people have the right to decide for themselves what software they want to run on their devices. Attempting to force all developers to register and undergo verification with Google is an encroachment on freedom of speech and thought, the project’s authors believe.
F-Droid developers accuse Google of hiding behind security while actually seeking to strengthen its monopoly in software distribution. F-Droid is calling on regulators in the US and EU to closely examine the company’s plans before it’s too late, and recommends that concerned developers and users contact authorities and demand action.