Google's new developer verification requirements starting September 2026 will force ALL Android app developers to register with Google - even those avoiding the Play Store entirely. F-Droid, the tr...
Unfortunately, I think this plays into the EU Cyber Resilience Act, and the developer verification is how Google is trying to comply with it…
Distributors and importers must verify that products comply with CRA standards before selling them. They must review technical documentation, ensure that software does not have known vulnerabilities and comply with update obligations. They must work with vendors to report vulnerabilities and request patches. Finally, they must conduct audits to ensure continued security over time.
[…] Finally, the resilience of mobile apps must be verified through regular testing.
It says distributors and importers. That’s what Google is via the Play Store. Still no reason I can see the disallow side loading, but Google’s lawyers, or the EU’s, may see it differently.
There probably will be an exception for the EU. I imagine.
Unfortunately, I think this plays into the EU Cyber Resilience Act, and the developer verification is how Google is trying to comply with it…
Source: https://www.mobisec.com/en/regulatory-compliance/cyber-resilience-act-dispositivi-applicazioni-mobile/
It’d make sense for Google to require this for Play Store apps, which they distribute, but not all apps.
But why would they matter to Google they where not selling those apps. Are computer manufactures going to be blamed for stuff installed on a computer.
It says distributors and importers. That’s what Google is via the Play Store. Still no reason I can see the disallow side loading, but Google’s lawyers, or the EU’s, may see it differently.
Iiinteresting.