Google Confirms Android Dev Verification Will Have Free and Paid Tiers, No Public List of Devs

An anonymous reader quotes a report from Ars Technica: As we careen toward a future in which Google has final say over what apps you can run, the company has sought to assuage the community's fears with a blog post and a casual "backstage" video. Google has said again and again since announcing the change that sideloading isn't going anywhere, but it's definitely not going to be as easy. The new information confirms app installs will be more reliant on the cloud, and devs can expect new fees, but there will be an escape hatch for hobbyists.

Confirming app verification status will be the job of a new system component called the Android Developer Verifier, which will be rolled out to devices in the next major release of Android 16. Google explains that phones must ensure each app has a package name and signing keys that have been registered with Google at the time of installation. This process may break the popular FOSS storefront F-Droid. It would be impossible for your phone to carry a database of all verified apps, so this process may require Internet access. Google plans to have a local cache of the most common sideloaded apps on devices, but for anything else, an Internet connection is required. Google suggests alternative app stores will be able to use a pre-auth token to bypass network calls, but it's still deciding how that will work.

The financial arrangement has been murky since the initial announcement, but it's getting clearer. Even though Google's largely automated verification process has been described as simple, it's still going to cost developers money. The verification process will mirror the current Google Play registration fee of $25, which Google claims will go to cover administrative costs. So anyone wishing to distribute an app on Android outside of Google's ecosystem has to pay Google to do so. What if you don't need to distribute apps widely? This is the one piece of good news as developer verification takes shape. Google will let hobbyists and students sign up with only an email for a lesser tier of verification. This won't cost anything, but there will be an unclear limit on how many times these apps can be installed. The team in the video strongly encourages everyone to go through the full verification process (and pay Google for the privilege). We've asked Google for more specifics here.

They're up to something

[rsilvergun]

If they just sign everything and anything then it doesn't do any good. Malware vendors will just go get new keys every time.

If I had the gas this is a big fuck you to epic for side loading fortnite for so long. If I read this right that basically makes it impossible for a large company like epic to do that.

In theory they can with a paid account but as antitrust law is increasingly a fever dream Google will eventually tighten the screws. And I don't think it's something that will be that far into the

Re:They're up to something

[caseih]

And at the same time they can get rid of popular youtube apps that avoid the advertising rubbish. There's no way NewPipe's developer can get a verified dev account.

If I can't run the apps I or others make without some stupid signing process, and side load what I want, what's the point of even using Android? Might as well go to an iPhone and have a fully curated "experience."

As for Europe, this is definitely malicious compliance. It does technically comply with EU demands even as it thumbs its nose at the intention of the regulation. The EU will have to continually fine-tune the regulation as Google is going to do its level best to end run around it every time.

Re:

[Jaxoreth]

If I can't run the apps I or others make without some stupid signing process, and side load what I want, what's the point of even using Android? Might as well go to an iPhone

100%. I passed on the initial iPhone because you couldn't develop for it. Then the "sweet solution" offered was iPhone-themed web apps. Finally Apple published a real SDK, but you had to pay annually, and get your apps approved.

I got a Nexus S and liked it. Learning to develop for Android was a chore, but I was able to run applications I'd written and share them with others. I couldn't have done that with iOS.

However, you can (a) download the iOS dev tools for free, (b) build iOS apps on a Mac and run

Re:They're up to something

[caseih]

Actually I suspect this verification will roll out to all versions of Android currently pulling Google Play Services updates. In other words existing phones will see this rolled out sooner or later.

Re:

[allo]

I wanted to try on my next ROM upgrade microG anyway. And if Google fucks up too much then F-Droid only.

Re:

[codebase7]

The solution is regulating locked bootloaders out of existence.

If someone else wants to run code I can't inspect, modify, or control, sucks to be you. Get your own device. Or better yet, move to a different industry. We don't need products or services that claim "safety" and "security" when pushing control and surveillance to satisfy some schizo's inability to accept that other people may handle the products / services they provide [youtu.be].

Re:

[AmiMoJo]

The EU takes a very dim view of malicious compliance. I doubt Google would try to subvert the EU's rules, and they have shown a willingness to comply (unlike Apple) in the past. Sure they get their lawyers to argue against it, but when the decision is made they follow it.

We shall see, but I imagine either the carve out for hobbyists and alternative app stores will be huge, or Europe just won't get this requirement at all.

1..2..3 until adblocker devs are all banned

[sinij]

The march to enshittification continues.

What about a private list of devs that is leaked?

[ebunga]

Complete with names, addresses, tax information, copies of photo IDs, and also the correlated advertising profile so that they can be offered a personalized advertisement for the perfect mattress?

Re:

[Z00L00K]

Add bank account, social security number (or corresponding for other countries) and medical records to that list and you are cooked and roasted 7 ways from hell.

Re:

[NewtonsLaw]

Dear Customer,

Thank you for purchasing a device powered by Android(TM). Please note that in order to use the device you have BOUGHT AND PAID FOR to run the apps YOU HAVE WRITTEN you will have to supply a government-issued ID, proof of address and a payment of US$25.

Note, the permissions then granted may be revoked at any time for any reason and those reasons may not be disclosed.

Any appeals to such revocation will be handled by our AI chatbot but, in order to save time, we have predetermined the outcome:

Re:

[ZipNada]

>> to run the apps YOU HAVE WRITTEN

I was concerned about this too but the blog post explicitly says states that you can install apps through Android Studio without registering.

No, thanks.

[Mr. Dollar Ton]

Hopefully we won't see any of this shit in the EU.

Re:

[dinfinity]

Hear, hear. Even with all its warts, the EU really is the only institution effectively protecting us and the world against shit like this and I am thankful for that.

Re:

[davidone]

Yeah, fat chance. They are so all bent on chat control that they "whoops" are not going to notice anything else

And if they don't approve of your app?

[caseih]

A free tier is great and all, but suppose I want to make an app for others to side load that Google disagrees with? They will obviously pull the verification and prevent anyone from using my app. And if an app becomes popular, reglardless of what app store it's in, Google can bump the developer to a higher paid tier and demand payment.

I have to hand it to Google. They've on-upped Apple on this. They can claim to government regulators they allow side-loading, while still maintaining absolute control over what people do with their phones and they've found a way to charge for every app even if it's not on their store. I fully expect Apple to do the exact same thing. Sweet sweet 30%. Although by manipulating the developer fees they basically charge anything they want.

All in all this is very disappointing and unacceptable.

The more important aspect is another one

[Casandro]

They can just approve every apps, but they can just hand out the name and address of developers. That way if you have a fascist government, they can get the name and address from Google and "convince" the developer to withdraw their app.

We have seen that Big-"Tech" does not even try to stop fascism.

Blocks ad blocker apps

[p51d007]

I've been using AdGuard on my phone & PC's for years to knock down the garbage. The PC version will obviously still load, but their app isn't on the Google Play Store. You have to download it from Adguard's website and load it. Google wants as many ads on their apps as possible to generate revenue even if people ignore the ads. It's all about generating MORE ads for them. If they were so worried about malware, their "google play protect" would weed them out!

The Intersection of Profit and Fashism

[Casandro]

Such a feature is wonderfully useful for Profits and Fashism. You can block out ad-blockers or other software that threatens business models.... and you can block software that tries to circumvent fashism.

If every app has a person attached to it, it's fairly easy to go against software that software that doesn't spy on the user. You just go against that person. It's a dream for both fashists and corporate lawyers.

Blackmail

[LainTouko]

Surely they can be prosecuted for blackmailing people who want to make code on Android phones for that $25 in at least a few jurisdictions?

Good of them for defending sideloading meh

[Cley Faye]

It's so good to see that the recent ruling that imposed them to allow third-party stores worked so well for consumers and dev all around, right?
Having a central authority dictate what's allowed and what isn't is also a boon for free speech.
There is no way this can be abused in any way, correct?
Good thing we stayed on Android to avoid Apple bullshit walled garden, phew, thanks open source OS!
Sarcasm, obviously. With the incoming "chat control" thing in the EU, probably mandatory digital ID app in the

Rooting anyone?

[davidone]

I remember when jailbreaking was a thing, even the less technical iphone users were on it.
Now I am asking myself, is this going to be a revival for android rooting?

Needed

[david1k]

Package managers for Linux already have a similar capability. It helps.

Make it complicated

[allo]

Make it complicated so nobody understands why it is a problem, then point to the free tier and claim everything is fine.

First: People don't want to share their real identity with Google. Several F-Droid Apps already include popups that their devs will not comply with that requirement.
Second: Google gets the control. They revoke the certificate, your app can't be installed anymore. So they are indeed controlling who can and can't publish. They also not only have an option to get people not to publish apps they don't like, but also get people to not even try it because it could get them into trouble, effectively forcing their rules on people without even enforcing them.
Third: They introduce artificial limits. How many installations, on what devices, etc. And they can change them any time.

Google must not be able to prevent free installation (fuck the word sideloading) of apps. They are (ab)using their power to restrict what other developers can do.

The year of the Linux phone has arrived

[berghem]

I have a Fairphone 4 (FP4). FP4 has stable 20.04 channel on Ubuntu touch, but I never bothered investigating it because of the ease of using Android and f-Droid giving me so many apps that are good and are actively maintained

Google overplaying their hands with power users will mean that, finally, enough people will have had enough of Android - as people said, what's the point of Android if you can't install the software you want?

(Dramatic dum roll)

The year of the Linux phone has arrived