While Google plans to severely restrict Android users’ ability to download apps from sources other than the Google Play Store, the company is introducing a new process that will allow sideloading after a mandatory 24-hour waiting period. this new “Advanced Flow” setting Its purpose is to prevent users from installing malware distributed by bad actors through unverified sources, while still allowing them to sideload from legitimate developers.
Sideloading restrictions are coming to Android
Last year, Google announced that sideloading on Android would eventually be limited to verified third-party app stores and developers. This change has a clear goal: to crack down on malicious apps that mimic genuine apps found on the Google Play Store. These restrictions – which will take effect for Brazil, Indonesia, Singapore and Thailand later this year, and will be implemented globally in 2027 – will eventually require developers to register specific details with Google to distribute their apps, as well as pay a fee. (Students and hobbyists will still be able to share apps on up to 20 devices without registering or requiring users to go through new workarounds.)
The move faced significant criticism from both developers and users, with concerns ranging from privacy violations (developers are now required to share details they previously did not have to) to increased difficulty in accessing modified or downgraded versions of apps. Thus, Google is striking a compromise that seems like it will protect most users from malware while still allowing power users to sideload whenever they want.
Google is offering a sideloading workaround
The new advanced flow setting will add multiple points of friction to unverified app installations, cutting the sense of urgency often used by scammers to distribute malware. Users will have to go through a one-time process to disable security protections – meaning you won’t need to repeat it every time you want to sideload – but you’ll still see a warning when you try to install an app from an unverified developer.
What do you think so far?
If you are interested in this solution, the first thing you will need is Enable developer mode Go into your device’s Settings app and confirm that you are not being forced to disable security protections on your device (a common scam tactic). Next, you’ll need to restart your phone, which turns off calls and remote access tools that scammers can use to communicate with you or control your device. From here, you’ll need to wait 24 hours before returning and authenticating the settings change using biometrics or your device PIN. Finally, you will confirm that you understand the risks, allowing you to install apps from unverified developers for seven days or indefinitely.
This solution will be available in August—before developer registration requirements go into effect.
