Android’s most defining advantage over iOS — the freedom to install any app from any source — is about to get substantially smaller. Starting September 30, 2026, Google will begin blocking unregistered apps on certified Android devices in Brazil, Indonesia, Singapore, and Thailand. F-Droid, the leading open-source Android app repository, calls this an existential threat. The coalition fighting back now includes 71 organizations from 23 countries — among them the EFF, FSF, Tor Project, and Proton AG — with over 100,000 petition signatures.
What Changes on September 30
Android Developer Verification (ADV) requires every developer distributing Android apps — through any channel, not just Google Play — to register their real identity with Google. The process demands a government-issued ID, a Google payment profile, a $25 one-time fee, enumeration of all app package names, and a cryptographic proof linking the app’s signing key to the registered developer. Fail to comply, and certified Android devices will refuse to install your software.
The enforcement mechanism is worth noting: it runs through proprietary Google Play Services, not the OS itself. That means Google can tighten or modify the rules without a system update, and without user notice. ADB (Android Debug Bridge) remains an exception — developers can still push APKs over USB with developer mode enabled — but Google has signaled it may restrict that too if scammers exploit it as a workaround. The official enforcement timeline is available on the Android Developers Blog.
The rollout starts in four countries September 30, with global enforcement slated for 2027. Google is also launching “limited distribution accounts” in August 2026 for students and hobbyists: no ID required, no fee, but capped at 20 devices. That doesn’t help F-Droid.
Why F-Droid Has No Good Options
F-Droid’s model is fundamentally incompatible with ADV. F-Droid re-signs app packages with its own cryptographic key — which would now need to be the key registered with Google. More critically, hundreds of upstream contributors maintain their apps pseudonymously. The FOSS community’s expectation of developer anonymity isn’t a quirk; for activists, journalists, and researchers in restrictive political environments, it’s a safety requirement.
F-Droid cannot compel those contributors to submit government ID to Google. As a result, their apps become uninstallable on enforced devices. Existing apps maintained by unavailable or deceased developers face permanent blockage — no one can re-register the signing key. As F-Droid put it in its February open letter: the requirement is “fundamentally incompatible with F-Droid’s model.”
The Keep Android Open coalition frames the stakes clearly: ADV “transforms Android from an open platform where anyone can develop and distribute applications freely into a locked-down platform.” Android’s openness was never a bug. It was the feature that made it worth choosing over iOS.
Related: Godot Bans AI Code: What Open Source Learned the Hard Way
Google’s Security Argument Has a Hole
Google’s case rests on two statistics: 57% of adults surveyed experienced a scam in the past year, and sideloaded apps carry 90x more malware than Google Play. The implication is that identity verification stops bad actors. It doesn’t.
F-Droid’s July 1 response is precise on this point: ADV “doesn’t actually feature any capabilities to prevent a malevolent actor from distributing malware in the first place.” A verified developer can still ship malicious code — they just do it under their real name. Google Play Protect already scans apps independently of developer identity. ADV verifies who published an app, not what the app does. Malware authors will pay the $25 and register. The paper trail creates liability attribution after harm is done, not prevention.
The actual scam vector Google is targeting is social engineering: convincing victims to manually sideload a malicious APK in the moment. That’s a real problem. However, it affects a different population than pseudonymous FOSS developers — and the solution (mandatory identity registration for all developers) is wildly disproportionate to the target.
The Security Paradox: Workarounds Are Riskier
Power users who still want to install unverified apps after September 30 have two realistic paths. ADB requires enabling developer mode, which disables certain device security protections and exposes what Enterprise Management Associates describes as the device’s “administrative control plane” as a persistent vulnerability. Custom ROMs — GrapheneOS, LineageOS — require bootloader unlocking, which eliminates the OEM’s hardware chain of trust entirely.
The irony is direct: the people least likely to fall for sideloading scams are being pushed toward device configurations that are objectively less secure. Google’s policy protects casual users from social engineering while exposing technical users to a broader attack surface. That’s a bad trade that Google’s own security team should have caught.
Key Takeaways
- Starting September 30, 2026, Android will block apps from unregistered developers in four countries — government ID and a $25 fee required for all distribution channels, including sideloading
- F-Droid cannot comply without destroying its model: pseudonymous FOSS developers cannot be compelled to submit government ID, and existing abandoned apps will be permanently blocked
- Identity verification does not prevent malware — a verified developer can still ship malicious code; Google Play Protect already handles scanning independently
- The workarounds (ADB, custom ROMs) carry higher security costs than the sideloading they replace, undermining Google’s own security rationale
- 71 organizations and 100,000+ supporters are pushing back through antitrust filings in the US, EU, and Brazil — the policy’s global enforcement is not yet final













