Your phone is about to stop being yours
For years, Android’s defining promise was simple: users had more control. You could install apps from Google Play, but you could also download an APK from a developer’s website, use an alternative app store, or experiment with software that never passed through Google’s ecosystem.
That freedom is now at the centre of a growing dispute.
Keep Android Open, a campaign supported by open-source advocates, privacy groups and technology organisations, argues that Google’s new Android developer verification programme threatens to transform sideloading from a normal user choice into a permissioned process. Google rejects that characterisation, saying the policy is necessary to curb scams, malware and repeat offenders hiding behind anonymous developer identities.
The real issue is not whether Android will still allow software from outside Google Play. It will. The question is who gets to set the conditions.
What is changing?
Google is introducing a developer verification system for Android apps distributed outside the Play Store. Under the programme, developers who want broad distribution on certified Android devices will need to verify their identity and register their applications.
Google says this creates accountability. In its view, malicious actors can currently release harmful apps, get removed, and quickly return under a new identity. Connecting software to a verified developer is intended to make that cycle harder.
There are practical exceptions. Google says developers can still install apps with Android Debug Bridge, while students and hobbyists will be able to use a free limited-distribution account for up to 20 devices without supplying government-issued ID. Users who want to install apps from unverified developers will also have access to an advanced flow designed for power users.
But critics argue that these alternatives miss the point.
Why Keep Android Open objects
The Keep Android Open campaign sees the policy as an expansion of Google’s control beyond its own app store. Its objection is not merely that developers may need to pay a fee or provide identification. It is that a developer distributing software through their own website, through F-Droid, or through an independent app store may still need Google’s approval infrastructure to reach ordinary Android users.
That changes the relationship between user, developer and platform.
Previously, the default position was that an Android user could decide whether to trust software from outside Google Play. Under the new model, the default becomes: install apps from verified developers, or navigate a more complex path to install unverified software.
For advocates of open-source software, that is a substantial shift. Small volunteer projects, privacy tools, activist applications and experimental software do not always fit comfortably into a system built around real-world identity verification, formal accounts and central registration.
F-Droid, the open-source Android app repository, has been among the most vocal critics. Its concern is that Android’s alternative software ecosystem may become dependent on a company that also operates the dominant mobile app store and many of the platform’s underlying services.
Google’s security argument
Google’s case deserves to be taken seriously.
Mobile scams increasingly rely on social engineering rather than technical exploits alone. Victims are often pressured into downloading an app that looks legitimate but is designed to steal credentials, access banking information or hand control of a device to criminals.
Google says unverified developers create an accountability gap. Its proposed advanced flow is specifically designed to slow down coerced installations: users must deliberately enable developer mode, pass security prompts, restart the device, wait a day, confirm their identity and explicitly acknowledge the risks.
For a person being hurried through a scam call, that friction may be useful.
Google also argues that sideloading is not being removed. Registered apps can still be distributed directly from websites and through third-party stores. Users who understand the risks will retain a route to install unverified apps.
That distinction matters. This is not a blanket ban on APK files or alternative app stores.
The important concern: control by default
However, the policy still changes Android’s philosophy.
The historic Android model placed more responsibility on users. It came with risk, but also with autonomy. The new model places more trust in a central identity system managed by Google.
That may be acceptable for mainstream users who only install familiar apps. Most people may never notice the change.
It matters far more to independent developers, open-source communities, security researchers and users who deliberately choose software outside the mainstream app-store ecosystem. For them, the concern is not convenience. It is whether a single company should become the identity gatekeeper for software running on devices people own.
The advanced flow does not fully resolve that concern. It preserves a route around verification, but only after users complete a deliberately high-friction process. Critics see that as a deterrent rather than a meaningful equivalent to today’s sideloading experience.
The timeline needs precision
Some campaign messaging has described the policy as a worldwide Android lockdown beginning in September 2026. That is no longer the most accurate description of Google’s stated rollout.
Google says enforcement will begin on September 30, 2026 in Brazil, Indonesia, Singapore and Thailand, initially across seven participating app stores. The company has said it intends to expand the requirements globally in 2027 and beyond.
That does not remove the long-term concern. It does mean the debate should be based on the policy as it exists, not on an overstated immediate global deadline.
Security should not require unnecessary centralisation
The strongest version of the Keep Android Open argument is not that Android should ignore malware or scam victims. It is that security measures should preserve meaningful user choice and avoid making one corporation the unavoidable intermediary between every developer and every device.
Google could reduce those concerns by committing to transparent appeal processes, clear limits on data collection, independent auditing, robust protections for anonymous and at-risk developers, and safeguards that prevent developer verification from becoming content control.
Android does not need to choose between a dangerous free-for-all and an Apple-style locked garden.
But Google’s verification programme is testing whether Android can remain genuinely open once identity, distribution and trust are increasingly routed through a single company.