Will these changes put a full stop on malicious app distribution via the Play Store?
After seeing an increase in the distribution of deceptive apps and malicious developer accounts, Google has announced additional security plans. Starting from Monday, to validate the developer’s identity and to overcome the problem of fake apps, Google will now ask for the 2FA and the physical address of the developer.
But how will this enhance the integrity of Play Store apps?
Before the announcement, Google only used to ask for an email address and phone number. But now, by asking for additional identity verification details like – whether the account is owned by a person or business, a contact name, a physical address, and verification of email and phone details the process will be stricter. This means crooks will not get a chance to circulate fake apps and fool users.
Will this information be public?
No, the information shared with Google will not be public. It will be kept with Google to help confirm the identity and communicate with the developer.
According to Google, the timeline of these forthcoming changes will be:
- Starting June 28, 2021, developers will be able to announce their account type and verify contact details.
- From August onwards, to open a new developer account, mentioning account type and verifying contact details at sign-up will be a must. 2FA will also be mandated for new developer accounts.
- Later this year each developer’s account will have to specify their account type, verify credentials, and enable 2FA.
In addition to this, the tech giant says, the changes are being made to keep Google play safe and secure. This will help serve the community better.
Why 2-Step verification? How will it help?
The best way to stay secure and increase the value of tools Google’s 2-Step Verification is a must. Since it uses both your password and a second way (text message sent to a registered phone number, an authenticator app, hardware security key, or alerts) to identify you, the level of security is increased. Moreover, this confirms there’s a real person on the other side of the screen.
- To set up 2-step verification, visit https://myaccount.google.com/signinoptions/two-step-verification/enroll-welcome?pli=1
- Click Get Started
- Login to your account and follow on-screen instructions to set up 2 step verification.
How does 2 step verification help?
- With 2-step verification activated the bad guy will not be able to access your account. Say for instance they can hack the password, still to get into the account will need the Security key.
- Signing will require your password and the security key received.
- Verification codes are uniquely crafted for your account, and they can be used only once.
Googles’ Requirement to Ensure Safety
- To ensure the information provided by the developer is genuine Google will make occasional calls and will send emails.
- The email address provided by the developer should be different from the one used to create a Google account. Furthermore, using an email address from the domain (if you have one) is suggested.
- The contact email address for business accounts or organizations should not be generic or personal. It should be associated with the organization.
- Two-factor authentication for the Google Play Console users will be mandatory.
- Writing words in all caps will no longer be allowed. (If it is the name of the brand then it’s okay.)
- Will not allow including emoji in the app name.
- App titles will be limited to 30 characters.
- Cannot incentivize installed by adding phrases like download now.
- Google will not allow promoting deals by including a Sale banner in an app icon.
Timeline for developers
Reportedly, to declare the requested information, Android developers have time until the second quarter of coming 2022. This means during the first three months of 2022 users will be able to see the new Safety Section.
Why This Move?
This move might help decrease the number of scams or fraudulent apps on the Google Play Store. While verifying the information, if an eye of suspicion is raised, Google will be able to deal with it. This means Google will be able to identify people with malicious intent and will be able to distinguish between real users and ones who work under aliases.
Is Google Planning Anything More?
With the announcement for a change for Google Play developers, starting this August, Play apps will have to be published in the Android App Bundle format. This means, Google is ditching APKs and now the apps using Android App Bundles will only be used.
As this announcement comes, soon after the announcement of Windows 11 that comes with the ability to sideload Android apps as APKs, things seem fishy. Is it Google’s plan to make fewer apps available on Windows 11? Is Google wanting to keep its app to itself like Apple?
If this is the case what is the future for Microsoft?
Do you think the steps Google is taking in the name of offering security are right? Or is there a plan? What idea do you get after knowing all this?
Do let us know your opinion by leaving us your feedback in the comments section.