Source: Android Developers Blog
Google is closing a gap in app store trust by enforcing mandatory developer verification across Play Console, forcing bad actors to either abandon pseudonymity or face removal. Malicious developers have exploited Android’s relative openness—where apps can be sideloaded outside the Play Store—to distribute malware while maintaining plausible deniability through shell accounts. The enforcement creates friction for the long tail of legitimate indie developers while making attribution and takedown harder for threat actors, shifting incentives for app-based fraud, scams, and data harvesting.