Last year, Google announced that Android apps would incorporate security metadata to verify that it was officially distributed by the Play Store. Today, Google is expanding that data to include additional verification for installs through peer-to-peer sharing.
While developers building for the next billion users are encouraged to reduce the file size of an app or even create an Android Go variant, many users living in countries where connectivity is limited or costly still rely on peer-to-peer transfers with Play-approved sharing apps.
In the future, these users will benefit from devices being able to determine an app’s authenticity when offline, similar to Google Play Protect, while shared apps will automatically be added to the recipient’s Google Play Library and receive updates when connectivity is regained.
This creates a Play-authorized offline distribution channel that is secure, with developers benefiting from the “install” and ability to keep applications up-to-date.
There is no impact for developers with Play’s maximum APK size adjusted to account for the new metadata added to the APK Signing Block, while end users should not see a change.