Forum Discussion

remlap's avatar
remlap
Level 1.6: Donut
9 days ago

Android Developer Verification Requirements in AE

taking a page from jasonbayton​'s LinkedIn post 

 

I wanted to post and discuss the announcement from Google yesterday and their upcoming Android developer verification requirements.  This is something that fully managed devices with customer supplied applications will run into, and it will cause issues on devices 

 

 A while ago Google stated that they wouldn't scan customer-sideloaded applications with GPP if they were fully managed.  See here: https://www.androidenterprise.community/discussions/conversations/is-there-any-way-to-disable-google-play-protect-gpp-from-an-emm-or-to-otherwise-/2507

 

Would this requirement fall under the same umbrella? 

Everything Else

8 Replies

  • jasonbayton's avatar
    jasonbayton
    Level 4.0: Ice Cream Sandwich
    9 days ago

    One can hope there's concessions for managed estates. The message on the help community here suggests additional thought is going into this. Fingers crossed.

    • melanie's avatar
      melanie
      Google Team
      9 days ago

      Indeed, I'll post more details relating to managed devices as quickly as I can  🏃‍♀️ 🏃‍♀️🏃‍♀️ .   Stay tuned.

  • mattdermody's avatar
    mattdermody
    Level 2.3: Gingerbread
    8 days ago

    I would love for the same blanket exception that was applied to GPP to also be applied in this circumstance for apps installed on Fully Managed devices by a Device Owner DPC. In that situation an enterprise admin is electing to install a business app on assets owned by the same enterprise they do not need or want Google sitting in the middle of that dictating what they are or are not allowed to install on their own devices. 

    • melanie's avatar
      melanie
      Google Team
      8 days ago

      Agreed - and we were able to get an exemption for apps installed by a DPC.   Lizzie's linked to the full post below.

       

      mattdermody​ jasonbayton​  I'm keen to understand if anything falls outside these exemptions.   Are you aware of any examples where companies install apps onto their device though other side-loading methods (i.e. without their EMM's DPC involved)?   If so - why?

       

      Thanks in advance for your feedback.   Feel free to contact Lizzie to coordinate a 1:1 call if that's easier.

      • jasonbayton's avatar
        jasonbayton
        Level 4.0: Ice Cream Sandwich
        8 days ago

        Yes, there's a lot of APK sideloading particularly with smaller companies using AMAPI as we can't still distribute via the EMM platform. I've also seen very rare instances of companies building their own app catalogue app/webapp as a front-end to pull down APKs. 

         

        One other consideration is apps that self-update via a remote repo. Presumably if an app is installed, any update to the package is automatically permitted?

         

        E: Sorry I was thinking of policy-allowlisting and replacement of one package with another using the same pname. This may fix that too in current state, but allowing sideloading here would undo that.

  • Lizzie's avatar
    Lizzie
    Google Community Manager
    8 days ago

    Hey remlap​, mattdermody​, jasonbayton​,

     

    I hope you are all doing well. Just to say that we have just shared an update on this in the community product updates board: here

     

    Hopefully this provides a good starting point for information on this area. Looking forward to hearing more of your thoughts. 

     

    Thanks so much,

    Lizzie

    • jasonbayton's avatar
      jasonbayton
      Level 4.0: Ice Cream Sandwich
      8 days ago

      If the community supported more than a one-dimensional "like" on a comment, I'd have given you one of these: ❤️. Thank you!

      • Lizzie's avatar
        Lizzie
        Google Community Manager
        8 days ago

        haha - thanks  jasonbayton​ ​ (I'm working on this). 🤩