Sideloading on Android is heading toward one of its biggest shakeups yet, and the shift centres on a new system Google is building for people who want to install software outside standard channels. Instead of the old one-tap method that relied only on toggling unknown app permissions, a more guarded pathway is taking shape that places additional checks around the process. The emphasis now is on managing risk.
| Image credit: Google
- Google is replacing Android’s simple sideload toggle with a stricter, risk-focused installation flow.
- A new developer verification system will limit who can install unverified sideloaded apps.
- A new developer verification system will limit who can install unverified sideloaded apps.
- Google plans to roll out this verification system in 2026, starting with select countries.
Sideloading on Android is heading toward one of its biggest shakeups yet, and the shift centres on a new system Google is building for people who want to install software outside standard channels. Instead of the old one-tap method that relied only on toggling unknown app permissions, a more guarded pathway is taking shape that places additional checks around the process. The emphasis now is on managing risk.
A fresh verification scheme for developers has begun its early access phase, specifically aimed at creators who circulate their apps outside Google's marketplace. Only a narrow segment of users will eventually be able to install unverified packages without going through this verification requirement, provided they are comfortable handling potential threats. The company categorises them as technically advanced individuals with a strong tolerance for elevated digital hazards.
Google says it is crafting what it calls an advanced flow, a redesigned process that prompts knowledgeable users to consciously accept the dangers associated with sideloading software that has not passed official review. This model is meant to ensure that no one can be easily pressured into skipping these safeguards, particularly in situations where manipulation or fraudulent tactics might be deployed by bad actors.
The workflow being built will present clear risk alerts but will still allow users to proceed if they understand and acknowledge those hazards. The system aims to maintain user choice while ensuring fairness and clarity across the installation sequence. The intent is to prevent any scenario where individuals unknowingly override protections.
Although the mechanism is not yet final, Google is encouraging feedback while adjustments are ongoing. Its verification mandate is scheduled to debut in 2026 for a group of initial countries such as Brazil, Singapore, Indonesia, and Thailand. A broader expansion is planned for the same year as the framework matures.