Android Developer Verification

Original Article ↗ Hacker News Discussion ↗

Overall reaction

  • Strongly negative sentiment toward Android Developer Verification (ADV) and the new on-device “Verifier” system app.
  • Many see it as another step toward locking down Android similar to iOS, eroding the original “open” rationale for choosing Android.
  • A few commenters accept it as a necessary compromise to address real fraud problems, but even they often criticize the implementation and communication.

Sideloading, F-Droid, and custom ROMs

  • Sideloading is viewed by many as a core freedom (“installing software”), not a fringe feature; people use it for open‑source apps, ad-free YouTube clients, banking workarounds, and company-internal tools.
  • The new “advanced flow” (dev mode, coaching check, 24h delay, then per‑developer allowance) is seen as a significant friction point, especially for non‑technical users and for F-Droid/Obtainium.
  • Some argue this effectively pushes F-Droid back into “experts only” territory and threatens alternative stores’ long‑term viability.
  • Custom ROM users (GrapheneOS, LineageOS, /e/OS, etc.) discuss whether they can avoid or neutralize the Verifier; some report maintainers saying users “won’t be impacted,” but details remain unclear.

Security, scams, and risk tradeoffs

  • Google’s claim of “90× more malware” from sideloaded sources is widely doubted; people ask for the underlying data.
  • Many note that elderly or non‑technical users already get flooded with scammy or invasive apps from Google Play itself.
  • Supporters of ADV emphasize real-world banking trojan and social‑engineering scams (especially via coached sideloading) and argue that time delays and identity checks can reduce harm to vulnerable users.
  • Critics counter that determined scammers will adapt, while legitimate developers and users absorb the friction.

Developer verification & identity concerns

  • Multiple reports of clumsy, repetitive verification flows: repeated ID uploads, DUNS/company info re-entry, and opaque rejections.
  • Concerns that “malware” will mean “whatever Google and partner governments dislike” (e.g., ad blockers, VPNs, censorship‑circumvention tools).
  • Centralizing developer KYC under a US corporation raises worries about sanctions, political blacklisting, and being permanently excluded from the ecosystem.
  • Some developers say the increasing compliance burden has already driven them off the Play Store or out of mobile app development entirely.

Regulation, power, and alternatives

  • Debate on whether government regulation will help (antitrust, OS openness) or worsen things (mandatory age/ID verification, “chat control”).
  • EU policies and the DMA are mentioned as both potential constraints and possible enablers of stricter identity checks.
  • Many vow to move toward:
    • Web apps/PWAs instead of native apps.
    • Linux‑based phones (postmarketOS, Mobian, PureOS, Librem 5, Sailfish, Ubuntu Touch).
    • De‑Googled Android forks or a “dumb phone + Linux handheld” split.

Market structure and trust

  • Several see ADV as driven less by user demand and more by:
    • Protecting revenue (e.g., cracked YouTube Premium, paid apps).
    • Appeasing banks and regulators worried about app-based fraud.
    • Strengthening Google’s control over app distribution and weakening competitors.
  • Some note that power users are a tiny minority by numbers, but also key developers and influencers; alienating them risks long‑term ecosystem health.