Skip to main content

Android app devs will now be required to verify their identity

Android
(Image credit: Shutterstock)

In a bid to prevent malicious apps from ending up on the Play Store, Google has announced a couple of steps to verify the identity of mobile app developers on its platform.

Cybersecurity researchers have detected all kinds of threats lurking in malicious apps on the Google Play Store, including the PhantomLance spyware, adware trojans, and malware droppers.

Google recently provided an overview of its efforts to weed out dangerous applications from the Play Store, including throwing out over 119,000 app developer accounts. The company's machine learning solutions also prevented over 962,000 apps from getting listed on the marketplace.

TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and you can also choose to enter the prize draw to win a $100 Amazon voucher or one of five 1-year ExpressVPN subscriptions.

>> Click here to start the survey in a new window <<

“To keep Google Play safe and secure and to better serve our developer community, we are introducing two new security measures: additional identification requirements and two-step verification,” wrote Luke Jefferson, Product Manager at Google Play, and Raz Lev, Product Manager at Google Play Trust and Safety, in a joint blog post.

Identity verification

Explaining the changes, the duo said that, in addition to asking for developers’ email addresses and phone numbers, all Google Play developer accounts will now need to furnish additional details.

To begin with, developers will need to specify whether their account belongs to an individual or an organization. They will then be asked to provide details such as the name and physical address of the developer or organization that owns the account.

Google says this information will strictly be used for identity verification and communication purposes only, and will not be shared publicly.

In addition, all developer accounts will be further protected by two-step verification, starting first with all new accounts in August, moving on to cover existing accounts later in the year.

While Jefferson and Lev pitch the new measures as mechanisms to help strengthen the security of developer accounts, the fact of the matter is that these new steps will help identify and mitigate bad apps and developers.

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.