If you haven’t seen this yet, Google is planning to require mandatory developer identity verification for all Android apps, including apps distributed outside the Play Store, taking effect September 2026. This affects every independent and open source Android developer directly.
This is not just about the Play Store. After September 2026, on any certified Android device, applications from unverified developers will be blocked by default. The only proposed bypass, the “advanced flow”, exists only as a blog post and has not appeared in any beta, dev preview, or canary release. No one outside Google has seen it.
The community has been fighting back at keepandroidopen.org:
- Read the full breakdown of what this means
- Sign the open letter (organisations only)
- Contact your national regulators — contacts listed by country on the site
- Add the countdown banner to your project
September 2026 is closer than it looks. The time to push back is now.
If you use a Google Pixel phone, you’re the biggest chud.
It is, ironically, the only phone were you can install GrapheneOS, arguably the most secure and private phone you can have today.
Fuck them. I hope open source / de-googled android can somehow survive this.
So much for their “don’t be evil” policy
didnt they drop it like decade ago?
I don’t get it… Google‘s main appeal over Apple is that you can install anything on Android. It runs worse, is less stable and sometimes just does dumb stuff. That’s like if Nintendo would get rid of Mario/Pokémon
I don’t think that’s really the main appeal, honestly. The main appeal is just that it isn’t Apple. And were I someone who didn’t care about the installation of third-party applications, I wouldn’t be running to buy an iPhone. Android is just plain more customizable and if you need a quality of life feature, you’re probably going to find some way to have it.
Except now that feature is locked
Android’s own appeal probably died somewhere in 2013 or 2014, but it has always kept strong for a very simple reason: phone prices. You could either pay 700 dollars for an iphone, or 200 for an android
That was it before they got a solid fanbase. Now the main appeal is that they are mostly cheaper phones.
Cheaper, but not by far:
iPhone 17 Pixel 10 iPhone 17 Pro Pixel 10 Pro iPhone 17 Pro Max Pixel 10 Pro XL € 979 899 1339 1099 1489 1299 Why make this a table instead of a list?
You are taking the flagship phones. If you want a simple, functional phone, you can find some decent ones for a price as low as 200€
Indeed, since the company behind Android+PlayServices also sells phones running Android+PlayServices. But aside from this it’s on me for reading something that was not written.
I hope projects like Postmarket OS and Sailfish get big enough soon and have compatibility in banking apps so we can make the switch to Linux phones. Android is a sinking ship tbh.
I’ve never used a banking app. Don’t they usually have web sites? What am I missing on?
Nothing, but in some countries banks force you to use apps. You know, "for your security ".
Pretty much. My bank imposes transfer limits on the web portal vs the app, since there’s purportedly more security in the physical device rather than a web page accessible from any system.
While I don’t necessarily disagree with this, it means those apps also have to be searching for things like “Is USB debugging on? Is this running in an emulator? Is the device rooted?”
None of these are bad checks to make from a security perspective, but by relying on the app on a single device as a defacto MFA hurts the ability to manage personal finances when you’re in a position like this, with Google defining the security requirements of their ecosystem at a higher level than any single app.
I am forced to use the app to access the website.
my main use of my bank application is for verification for government stuff, as well as managing my money without having to get on my pc. it would be really annoying to lose access to it, as with it i dont have to use the verification number table which is physical table of numbers that has to be replaced occasionally and could get lost.
Banks, government apps and main apps (Whatsapp, etc.) are on Google Play. It’s clear governments will stick with Google. What is left to know is how seriously democratic governments take civil liberties.
There have been talks in Europe about how we are dependent on American tech for our digital infrastructure. Some politicians even pushing for an alternative to Apple and Google. I hope everyone else wakes up before it’s too late.
L!
Fuck Google.
It just occured to me what this is all about: shutting down the ICE tracking app. They won’t carry it on the play store, but its still being shared.
With this, you can’t get it on your phone. And, given how much Google is sucking up to tRump, they want to help him shut this down along with all the other evil.
The governments put pressure on Google to police off play apps and harm because they are attached to Android so they’re being required to build this.
You can still get it, you just need to wait 24h before you can install the first app the first time, and there will be some big scary warnings.
Right, but after this change over?
Ya, this is their new workflow for people who dont authentic themselves.
Turn on developer mode and choose the right setting, reboot phone, wait 24h, then you can install anything. You have the option to stay like this, or revert to 24h wait after 7 days.
Edit: they just announced it in the past few days.
I was already looking flashing my Fairphone with Sailfish. But this move of Google is the final straw. Sailfish fully supports android apps. I’m already running every google app in a sandbox and stopped using my contactless payment.
I thought they just rolled this back?
Once per device you will need to wait 24 hours before installing unauthorized apps. That’s all the new restrictions do. It will basically not affect power users at all.
For scammers, the 24 hour waiting period completely breaks their scams. They won’t be able to trick people into installing malware if they have to call back to resume the scam the next day. Google said that was their goal and their new solution actually does this without impeding power users.
Google found the balance that we were asking them for, yet people won’t stop complaining and even lying about it in posts like this. Maybe that energy is why the users won this time, but either way, take that energy and fight any of the thousands of real fights.
“Will not affect power users at all” is just not true. I will now have to wait an entire day before I can start using my next phone. Well, either that or android-translation-layer advances enough for me to switch to a Linux phone full-time.
Sideloading APKs is an easy vector but so is the Google Play Store. It’ll take scammers like 5 minutes to just perma move to GPlay shenanigans, and its already well known to have poor quality control and tons of malware available to download with the useless play protect logo.
This is just Google’s public justification for creating their walled garden. They already pulled this exact scam with Chinese OEMs which is how Huawei got banned, and others stopped selling in the US. They huffed up some story about CCP spyware and then mandated that GPlay be installed in full, otherwise face consequences from congress.
Even Samsung got pulled in and they essentially agreed to use GApps as the de facto communication suite for their phones in exchange for allowing Samsung to continue to use their Galaxy store.
They see stuff like AOSP as a threat because anyone can just fork the OS and make their own non google Android, and they don’t want any OEM to replace GPlay like what Motorola is attempting right now (hence the increased urgency to lock down Android).
Google’s monopoly in the mobile space revolves around every phone using GPlay, so they’ll do anything to maintain their control.
Got a link boss? You’ll excuse me if I don’t take your word for it and all that
The website linked above lays out the change https://keepandroidopen.org/
That is all true, however it seems like a slippery slope to me.
To stop scams, it would instead be a good idea to block app installation (of ANY apps including in the Play Store) when the screen is being monitored or a call is active.
Then when sideloading apps, grey out the install button for 3 seconds to hopefully pull the user out of any mindless flow state a scammer has put them in.
Or we stop babyproofing the world for fools. Imagine a car that only ran gas from approved gas stations because someone was caught inhaling unapproved gas when someone else told them it would heal their sickness.
As far as I’m aware, there’s only the advanced flow thing that is mentioned in this post?
If that’s the only solution, I wouldn’t call that “rolling back.”
For a while they were completely removing the ability to install unsigned apps altogether. So continuing to allow it albeit with more steps is indeed stepping back somewhat from what their plans were.
Rolling back usually means to revert it fully.
The advanced flow (which includes a 24hr wait time) is not rolling back and I wouldn’t call it stepping back either. It’s obviously designed to kedp friction high so thst no one even bothers with freedom and privacy protecting apps that dont want to or can’t go through googles verification process.
This isn’t what you think it is… it’s barely conceding when the friction remains this high.
You’re being overly pedantic about my word choice instead of actually just discussing this without trying to be condescending and one up people. Online discussions are conversations, not competitions.
Google made some noises in a blog post, but beyond that there is no evidence that they have changed direction. I guess you can take them at their word if you want, but that seems rather naive given the context.
They came out with more information on what their walk back looks like. More information is on the website https://keepandroidopen.org/
This entire flow is delivered through Google Play Services, not the Android OS, meaning Google can modify, restrict, or remove it at any time without an OS update and without any user consent. The advanced flow has still not appeared in any Android beta, dev preview, or canary release. As of the date of this update, it exists only as a blog post and UI mockups. The community is being asked to accept a product announcement as a functional safeguard five months before the mandate takes effect.
Until Google provides a shipping implementation that can be independently verified, our position remains unchanged: all apps from non-registered developers will be blocked once their lockdown goes into effect in September 2026.
They did, but why talk about that when we can just fearmonger about things that aren’t happening?
There is more information on the website. This was Google’s “solution”:
Update: Google has revealed the “advanced flow” — it is not a solution
On March 19, 2026, Google published details ↗ of the “advanced flow” mechanism intended for “power users” to allow installation of applications from unverified developers after the lockdown takes effect. It goes like this:
- Enable Developer Mode ↗ by tapping the software build number in About Phone seven times
- In Settings > System, open Developer Options and scroll down to “Allow Unverified Packages.”
- Flip the toggle and answer a scare screen confirming that you are not being coerced
- Enter your device unlock pin/password
- Restart your device
- Wait 24 hours
- Return to the unverified packages menu at the end of the security delay
- Scroll past additional scare screen warnings and select either “Allow temporarily” (seven days) or “Allow indefinitely.”
- On the next scare screen, confirm that you understand the risks.
- You can now install unverified packages on the device by tapping the “Install anyway” option in the package manager.
This entire flow is delivered through Google Play Services, not the Android OS, meaning Google can modify, restrict, or remove it at any time without an OS update and without any user consent. The advanced flow has still not appeared in any Android beta, dev preview, or canary release. As of the date of this update, it exists only as a blog post and UI mockups. The community is being asked to accept a product announcement as a functional safeguard five months before the mandate takes effect.
Until Google provides a shipping implementation that can be independently verified, our position remains unchanged: all apps from non-registered developers will be blocked once their lockdown goes into effect in September 2026.
I’m gonna stick to pre-owned devices with alternate ROMs like Lineage, Cyanogen, RR, Havoc, Bliss, cr, Viper, AOSP, KP, ISP, etc. or any of the other hundred brews. I don’t anticipate getting a phone that runs android and is not able to be modified EVER. Eventually if the time comes that the tech changed so vastly that they’re not usable anymore (like 3G now) by then hopefully there will be full Linux phones or some other varieties. Maybe many.
But the thing is the mainstream masses just don’t give a shit. Their rights and liberties have been getting chewed away at for decades and they just can’t seem to care. As long as they are entertained enough and the culture like ours - ie geek subculture / hacking community continues to be mocked and vilified, they’re certainly not gonna listen to us.
But what’s new about that? Nada.
We are forever going to remain a fringe community and I just accept that. When a family member has Alexa devices and I show them all the analytics and tests and records from all the various sources that provide empirical evidence of constant surveillance and spying and uploading of eavesdropped audio and the folks just go eh oh well eh yeah but ah useful eh I have nothing to hide ehhh urrrgh … I start to see them with sunken eye sockets and protruding brow ridges. They are the fools and the suckers and the sheep. They’re the ones who will line up to be implanted with a chip, they’re the ones who will pay to have their brains mapped and catalogued. You can’t cure fucking stupid. Meanwhile people like us will remain the fringe “undesirables” as long as our hearts beat.
The solution is GrapheneOS. You can install it on Google Pixels today, and Motorola is going to release some devices with official support for it in 2027.
That’s not the single solution. You can put dozens of ROMs on dozens of other devices. I buy older devices at cheap prices and put custom ROMs on them and then sell them. It’s fairly lucrative; more so as time goes on. Plenty of people want this kind of privacy but don’t have the skills or confidence to modify their devices. Motorola and Samsung the most by far, but also LG and various others occasionally.
Yeah the real issue is ease of access and simplicity. GrapheneOS is appealing to me, but 1. I don’t want to buy a google pixel just to get it and 2. I don’t have the confidence to replace the OS, no matter how easy the guide says it is. If I had someone in person to help me I’d maybe consider it, but I’m just so worried I’d mess it up and brick the phone
I was planning to get an android phone in a few months since I unfortunately still have my old iPhone, but with this GrapheneOS Motorola phone coming out in 2027 I might see if I can make this phone last till that comes out if android is gonna be locked down too
Other ROMs are usually very bad at security with many being late to secuity updates, not supporting bootloader relocking, and not using the secure element. I would not trust them in the hands of someone who isn’t tech savvy or is at high risk of hackers.
They’re really working hard at distancing themselves from that “Don’t be evil” motto.
they did that years ago
they stopped as soon as they stopped blocking eleciton denial content YT. they were preparing to support trump with propaganda 1-2 years before his election.
time to figure out how to root my phone
The thing is that will likely break bank apps
I get that you can get around this but there are 2 major problems I see.
-
Google now has a flag on my phone they can control remotely to keep me from accessing the apps I want to use.
-
Alternative app stores like F-Droid will never be any more popular than they are today. This raises the barrier to entry so much that we can effectively consider the open source phone app movement to be dead in the water.
-
