Level 1.5: Cupcake

Question

Android Developer Verification Requirements in AE

Forum|Forum|6 months ago
August 26, 2025
3 replies
0 views

taking a page from @jasonbayton's LinkedIn post

I wanted to post and discuss the announcement from Google yesterday and their upcoming Android developer verification requirements. This is something that fully managed devices with customer supplied applications will run into, and it will cause issues on devices

A while ago Google stated that they wouldn't scan customer-sideloaded applications with GPP if they were fully managed. See here: https://www.androidenterprise.community/discussions/conversations/is-there-any-way-to-disable-google-play-protect-gpp-from-an-emm-or-to-otherwise-/2507

Would this requirement fall under the same umbrella?

Everything Else

J

jasonbayton

Level: 4.1: Jelly bean

One can hope there's concessions for managed estates. The message on the help community here suggests additional thought is going into this. Fingers crossed.

M

melanie

Level 2.0: Eclair

Indeed, I'll post more details relating to managed devices as quickly as I can 🏃‍♀️ 🏃‍♀️🏃‍♀️ . Stay tuned.

M

mattdermody

Level 3.0: Honeycomb

I would love for the same blanket exception that was applied to GPP to also be applied in this circumstance for apps installed on Fully Managed devices by a Device Owner DPC. In that situation an enterprise admin is electing to install a business app on assets owned by the same enterprise they do not need or want Google sitting in the middle of that dictating what they are or are not allowed to install on their own devices.

M

melanie

Level 2.0: Eclair

Agreed - and we were able to get an exemption for apps installed by a DPC. Lizzie's linked to the full post below.

@mattdermody @jasonbayton I'm keen to understand if anything falls outside these exemptions. Are you aware of any examples where companies install apps onto their device though other side-loading methods (i.e. without their EMM's DPC involved)? If so - why?

Thanks in advance for your feedback. Feel free to contact Lizzie to coordinate a 1:1 call if that's easier.

J

jasonbayton

Level: 4.1: Jelly bean

Yes, there's a lot of APK sideloading particularly with smaller companies using AMAPI as we can't still distribute via the EMM platform. I've also seen very rare instances of companies building their own app catalogue app/webapp as a front-end to pull down APKs.

One other consideration is apps that self-update via a remote repo. Presumably if an app is installed, any update to the package is automatically permitted?

E: Sorry I was thinking of policy-allowlisting and replacement of one package with another using the same pname. This may fix that too in current state, but allowing sideloading here would undo that.

Lizzie

Community Manager

Hey @remlap, @mattdermody, @jasonbayton,

I hope you are all doing well. Just to say that we have just shared an update on this in the community product updates board: here.

Hopefully this provides a good starting point for information on this area. Looking forward to hearing more of your thoughts.

Thanks so much,

Lizzie

Welcome to the Community everyone!Have a question or want to start a conversation, click here.

J

jasonbayton

Level: 4.1: Jelly bean

If the community supported more than a one-dimensional "like" on a comment, I'd have given you one of these: ❤️. Thank you!

Lizzie

Community Manager

haha - thanks @jasonbayton (I'm working on this). 🤩

Welcome to the Community everyone!Have a question or want to start a conversation, click here.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded