F-Droid says Google’s Android developer verification plan is an ‘existential’ threat to alternative app stores
Attention, any developers hoping to sell their apps to the world’s 3.3 billion Android phones. “Google is changing the way you install apps on your device!” warns the free and open-source Android app repository F-Droid.
And it threatens the existence of some alternative Android app stores that are used by millions of people. The New Stack spoke with Marc Prud’hommeaux, a member of the board of directors at F-Droid, who also created the website Keep Android Open. In an interview this week, Prud’hommeaux shared the latest news on how their fight is going, the threats being overlooked, the results of their discussions with Google’s Android team — and what developers can do now to help.
And a member of “the resistance” even shared their own theory on what’s secretly been motivating Google.
A battle begins
A Google support page explains that starting in September, even Android developers not distributing through Google’s Play Store will still be required to register with Google to distribute their apps in Brazil, Singapore, Indonesia, and Thailand. And then four months later (in “2027 and beyond”), Google says it will “continue to roll out these requirements globally,” with a goal “to remove the cover of anonymity from bad actors who operate on Android.” An FAQ on the Android developer’s blog acknowledges there will also be a $25 fee — and a requirement to provide a government ID.
Marc Prud’hommeaux from F-Droid in March 2026.
But soon, several Android developers began voicing objections. Even developers who are simply distributing images of their Android apps on the web or offering them for sideloading will still be required to register. And for F-Droid, the details pose a threat that Prud’hommeaux calls “existential.” That’s because, in most cases, F-Droid’s signature is attached to the applications it distributes. But now Google wants to have only one signature attached to apps — which, Prud’hommeaux says, “all of a sudden breaks all those versions of the application distributed through F-Droid or any other app store!”
“They are implementing policy that is coming down from on high, whose motives I find highly suspect.”
For 10 years, F-Droid has been offering free and open source Android apps — now up to about 5,000 — but “there are a lot of people who use F-Droid…” Prud’hommeaux notes. “It’s in the millions!” So after Google announced their plans last August, “We reached out to them pretty quickly after they announced it, saying ‘You know perfectly well that you’re killing F-Droid…!’
As Prud’hommeaux remembers it, “They said, ‘Look, we don’t have all the details laid out yet. We’re trying to come up with ways of accommodating the good actors, and only attacking the bad ones.’” He says F-Droid’s interactions with Google’s team aren’t hostile, and “I think the developers I’m interacting with one-on-one themselves are sympathetic.
“But they are implementing policy that is coming down from on high, whose motives I find highly suspect,” Prud’hommeaux says.
F-Droid asked for another meeting in February, and Prud’hommeaux says it confirmed their fear that Google’s new advanced “flow” for alternative app stores “is ‘going to be really, really high friction’… They didn’t go into details, but it sounds like you might need to get authorization, or you might need to plug it into a cord — you might need to do something that’s absurdly complex, and no one’s ever going to do it.” They even suggested this high-friction option won’t be available when the program first rolls out in September.
“Once they’ve done it, it’s essentially a fait accompli,” Prud’hommeaux worries, since it becomes the status quo, and at that point, “they have no incentive” to make a more usable “flow” for F-Droid or the other app stores affected.
F-Droid fought back
F-Droid fought back — by launching another round of public activism, and on February 24, an open letter arguing that Google’s move will impact so many people — “hundreds of governments, millions of businesses, and billions of citizens around the world.” The organization adds that Google’s move could also affect:
- Privacy-focused developers who avoid surveillance ecosystems
- Researchers and academics are developing experimental applications
- Internal enterprise and government applications are never intended for broad public distribution
Signatories include leading rights organizations such as EFF, the Software Freedom Conservancy, and the Free Software Foundation. “Richard Stallman is actually a friend of mine,” Prud’hommeaux says, and when it comes to Google’s plans to register Android developers, “He’s completely opposed to it.” (Though Prud’hommeaux adds with a laugh that Stallman “is more or less opposed to everything Google does.”)
Top open source projects also signed the letter, including KDE, the Brave browser, and the TOR Project. Even FOSDEM, the annual open source conference, along with the affected Android app distributors Obtanium and F-Droid, sign the letter.
Brave browser criticizes Android developer registration plan on Threads, March 9, 2026
And the current signatories are only a fraction, Prud’hommeaux says. “I have a huge backlog of other organizations who have sent in, wanting to sign, that I just essentially need to vet and make sure that they are who they say they are…
“It’s been just overwhelmingly, nearly-universal approval of this campaign. So that’s really heartening, and I hope that it’s something that Google will listen to.”
“Regulators are really slow to move”
So is this growing campaign getting results? Unfortunately, it’s an all-or-nothing proposition, Prud’hommeaux says, and “we will not have made any progress until they cancel the program.”
“That’s our goal… ‘Look, just keep things the way they are. You can continue to incrementally improve security through various mechanisms like Play Protect, which we believe is completely sufficient to handle the particular scenarios they claim that developer verification is meant to address…”
But Prud’hommeaux also sees “a huge outpouring of sympathy… Everyone who has an opinion about it is saying, ‘This is insane! They’re taking an open system, and they’re locking it down.’” People are even putting the site’s banner on their own sites, “And that has really helped drive awareness and interest to the page.” And when supporters contact regulators through his Keep Android Open site, Prud’hommeaux gets a copy, and “I’ve gotten hundreds — maybe over a thousand — cc’d emails.”
Is he seeing any movement from those regulators? “Not a lot. Typically, when they respond, they say ‘Thank you for your interest. We’ve filed this under…’” But they’re definitely hearing the concerns and responding in various ways. “We’ve gotten some fairly sympathetic-sounding things from the Competition and Markets Authority in the U.K. Recently, something from the Philippines’ regulator sounded really promising. Some state regulators in the United States have shown some interest. Nothing at the federal level, but state regulators have taken some note.”
But “regulators are really slow to move,” Prud’hommeaux points out, so he’s worried Google’s verification program will go into effect before the regulators can even spring into action.
“You can’t separate this really from their ongoing interactions with Epic”
Google didn’t answer The New Stack’s request for comment — but one source in the “Keep Android Open” movement offered their speculation on Google’s motives. “This is complete speculation — but you can’t separate this really from their ongoing interactions with Epic and the settlement that they came to… ”
Last week, Epic Games and Google announced a new proposal for settling their long-running dispute over the legality of alternative app stores on Android phones. (Epic’s blog cheers the fact that “Globally, developers will have choices in how they make payments… with reduced fees and the ability to point users outside apps to make purchases.”)
But rather than agreeing to let third-party app stores into their Play Store, Google wants them to continue being sideloaded, promising in a blog post last week that they’ll even offer a “more streamlined” and “simplified” sideloading alternative for rival app stores. “This Registered App Store program will begin outside of the US first, and we intend to bring it to the US as well, subject to court approval.”
Could developer verification be Google’s fallback plan if U.S. courts fail to approve this proposal? That’s the theory of our unnamed source in the “Keep Android Open” movement. “If the Google Play Store has to allow any third-party repository app store, Google essentially has given up all control of the apps. But if they’re able to claw back that control by requiring that all developers, no matter how they distribute their apps, have to register with Google — have to agree to their Terms & Conditions, pay them money, provide identification — then they have a large degree of indirect control over any app that can be developed for the entire platform.”
What’s next
But there are many criticisms of Google’s plan. Prud’hommeaux objects to how it removes the ability to publish apps anonymously — and says it will also affect Android developers in countries sanctioned by the U.S. government, since Google “by law” won’t be allowed to let them register. (Last month, the Trump administration even imposed sanctions on the International Criminal Court.)
So what could the future look like? Prud’hommeaux says “on numerous occasions” they’ve pitched Google on opportunities to collaborate, as part of a community consortium or industry group, to help improve Android’s security. Imagine, he says, Google “working with the industry, with various other app store vendors, with various other Android and non-Android certified ROM providers, like GrapheneOS and LineageOS and EOS — there’s a whole world of those. If everyone was able to work together on say some shared notarization system or something like that, that would really help things…”
“We hope that this will open up Google’s eyes a little bit to the benefits of working with the community instead of against it.”
In the meantime, Prud’hommeaux says, he’s spent a “phenomenal” amount of time and effort for no greater goal than preserving and continuing “this thing that has existed happily for over 10 years.”
The Keep Android Open site urges developers not to sign up for Android’s developer verification program when it launches next week.
Instead, they’re asking developers to respond to invites with an email about their concerns — and to spread the word to other developers and organizations in forums and social media posts. And there’s a form for submitting feedback/questions about Google’s Android developer verification, as well as a petition at Change.org currently signed by 69,000 developers — adding 13,000 new signatures in less than a week.
But developers — or even everyday smartphone users — have ways they can help, Prud’hommeaux says. Just read up on what’s happening so you can spread the word. And “If you have an Android device, try installing F-Droid!” he adds. (Google tracks how many people install these alternative app repositories, and a larger user base means greater consequences from any Android policy changes.)
Plus, installing F-Droid “might be refreshing!” Prud’hommeaux says. “You don’t see all the advertisements and promotions and scam and crapware stuff that you see in the commercial app stores!”
The post F-Droid says Google’s Android developer verification plan is an ‘existential’ threat to alternative app stores appeared first on The New Stack.
