Android 开发者验证：在开放与选择与安全之间取得平衡

Android 开发者验证：在开放与选择与安全之间取得平衡
Android developer verification: Balancing openness and choice with safety

原始链接: https://android-developers.googleblog.com/2026/03/android-developer-verification.html

谷歌正在通过一种新的“高级流程”来增强Android安全性，同时保持平台的开放性，该流程用于安装来自未经验证的开发者的应用程序。谷歌认识到一些用户愿意承担经过计算的风险，因此此功能允许侧载安装，但会主动防范日益猖獗的诈骗手段。这个过程并非简单的绕过。它需要启用开发者模式，确认用户没有受到胁迫，重启手机以切断远程访问，以及进行生物识别重新验证的24小时等待期。这种人为的阻力旨在扰乱诈骗犯，他们会迫使受害者禁用安全功能。与此同时，谷歌还为学生和爱好者提供免费的“有限分发帐户”，允许在最多20台设备上共享应用程序，无需身份验证或费用。高级流程和有限帐户都将于8月上线，在新的开发者验证要求完全实施之前，确保Android对所有人保持可访问性，同时优先考虑用户安全。

黑客新闻新 | 过去 | 评论 | 提问 | 展示 | 招聘 | 提交登录 [重复] Android 开发者验证：在开放性和选择权与安全性之间取得平衡 (googleblog.com) 51 分，WalterSobchak 1 天前 | 隐藏 | 过去 | 收藏 | 2 条评论帮助 Groxx 1 天前 | 下一个 [–] 更多讨论在这里：https://news.ycombinator.com/item?id=47442690 回复tomhow 1 天前 | 父评论 | 下一个 [–] 评论已移至此处。谢谢！指南 | 常见问题 | 列表 | API | 安全 | 法律 | 申请 YC | 联系搜索：

原文

Posted by Matthew Forsythe, Director Product Management, Android App Safety

Android proves you don't have to choose between an open ecosystem and a secure one. Since announcing updated verification requirements, we've worked with the community to ensure these protections are robust yet respectful of platform freedom. We've heard from power users that they want to take educated risks to install software from unverified developers. Today, we're sharing details on a new advanced flow that provides this option.

Advanced flow safeguards against coercion

Android is built on choice. That is why we’ve developed the advanced flow – an approach that allows power users to maintain the ability to sideload apps from unverified developers.

This flow is a one-time process for power users – but it was designed carefully to prevent those in the midst of a scam attempt from being coerced by high pressure tactics to install malicious software. In these scenarios, scammers exploit fear – using threats of financial ruin, legal trouble, or harm to a loved one – to create a sense of extreme urgency. They stay on the phone with victims, coaching them to bypass security warnings and disable security settings before the victim has a chance to think or seek help. According to a 2025 report from the Global Anti-Scam Alliance (GASA), 57% of surveyed adults experienced a scam in the past year, resulting in a global consumer loss of $442 billion. Because the consequences of these scams that use sophisticated social engineering tactics are so severe, we have carefully engineered the advanced flow to provide the critical time and space needed to break the cycle of coercion.

How the advanced flow works for users

Enable developer mode in system settings: Activating this is simple. This prevents accidental triggers or "one-tap" bypasses often used in high-pressure scams.

Confirm you aren't being coached: There is a quick check to make sure that no one is talking you into turning off your security. While power users know how to vet apps, scammers often pressure victims into disabling protections.

Restart your phone and reauthenticate: This cuts off any remote access or active phone calls a scammer might be using to watch what you’re doing.

Come back after the protective waiting period and verify: There is a one-time, one-day wait and then you can confirm that this is really you who’s making this change with our biometric authentication (fingerprint or face unlock) or device PIN. Scammers rely on manufactured urgency, so this breaks their spell and gives you time to think.

Install apps: Once you confirm you understand the risks, you’re all set to install apps from unverified developers, with the option of enabling for 7 days or indefinitely. For safety, you’ll still see a warning that the app is from an unverified developer, but you can just tap “Install Anyway.”

A secure Android for every developer

We know a "one size fits all" approach doesn't work for our diverse ecosystem. We want to ensure that identity verification isn't a barrier to entry, so we’re providing different paths to fit your specific needs.

In addition to the advanced flow we’re building free, limited distribution accounts for students and hobbyists. This allows you to share apps with a small group (up to 20 devices) without needing to provide a government-issued ID or pay a registration fee. This ensures Android remains an open platform for learning and experimentation while maintaining robust protections for the broader community.

Limited distribution accounts and advanced flow for users will be available in August before the new developer verification requirements take effect.

Visit our website for more details. We look forward to sharing more in the coming days and weeks.