the community of Android developers have reacted with concern after Google's announcement on the introduction of a mandatory registration for developers and applications in future certified builds of the operating system. The measure, which seeks to strengthen security and control in software distribution, will come with a $25 registration fee, although a free option will also be offered for students and fans.
This free account will allow personal developers to install their apps on a limited number of devices, without requiring official identification, but with strict distribution restrictions.
Free accounts with limits and individual registration per device
The free option, designed for personal or educational projects, It will not be valid for mass publishing of apps.. Each developer will need to register manually the unique identifiers of the devices on which your applications will be installed through the Android Developer Console.
Thus, Before installing an external application, the user must share their device identifier with the developer, who will authorize it from their account. Google says this system aims to prevent abuse of free accounts by malicious actors trying to distribute unverified software.
Developer Verifier: The New Security Layer in Android
Another key element of the new system is the Android Developer Verifier, a service that verifies developer legitimacy online before allowing the installation of an application.
Every time a user installs an app for the first time, Android will query a Google verification server, which will confirm whether the developer's digital signature is valid. To optimize the process, the system will store a local cache of checks for the most popular applications, avoiding repeated external checks.
Furthermore, Google plans to incorporate tokens pre-authentication for app catalogs, which will allow authorized repositories to install software without going through remote verification on each installation.
Support for ADB, businesses, and local development
Despite the restrictions, the installations using ADB (Android Debug Bridge) will continue to operate without limitations, so testing and debugging from Android Studio will not be affected. Exceptions will also be made for enterprise applications distributed internally using centralized management tools.
Measures seek to protect users without hindering the work of legitimate developers, although the community fears that the new requirements will complicate alternative software distribution, especially in independent repositories like F-Droid, which compiles and signs apps autonomously.
F-Droid, duplicate names, and developer privacy
One of the The most notable conflict is the incompatibility of the new system with F-Droid. Since this catalog uses your own digital signature instead of the original author's, you won't be able to register apps on behalf of third parties without violating Google's exclusivity rules.
Also A problem with duplicate package names has been mentioned, since after verification, only one unique identifier will be allowed per application. In case of conflict, the package with the most installations will retain the name, forcing less popular developers to rename their projects.
During conversations with the community, Google representatives acknowledged the developers' concerns who seek to maintain anonymity, especially in sensitive contexts such as activism or dissent. The company assured that it will not disclose personal data publicly, although it may share it with authorities upon legal request.
Implementation schedule and verification requirements
El new system will be rolled out gradually. Application verification components will be included in the Android 16 QPR2 update, scheduled for December. Subsequently, In March 2026, verification will be available to all developers., and in September of the same year it will become mandatory in Brazil, Indonesia, Singapore, and Thailand. During 2027, the requirement will be expanded to other countries.
To complete registration, developers must provide their name, address, email address, phone number, and a photo of their ID. For students or amateurs, no official ID will be required, while organizations must verify their website and provide a Digital Entity Identifier (DUNS).
Each application must be registered with its package name and digital signature key, which will allow Google to confirm its authorship and prevent identity theft.
Source: https://android-developers.googleblog.com