Skip to main content

Android 15 further restricts what you can do with sideloaded apps

Sideloading is one of the things that makes Android what it is, but it can also easily be abused. To help protect users, Google is making some adjustments in Android 15 that further restrict what a malicious app could do when sideloaded onto a device, but also what users can do with these apps too.

Back in Android 13, Google introduced a new layer of protection against potentially malicious sideloaded apps by preventing them from accessing features designed for accessibility. However, if the user wanted to, that layer could be disabled and the options that the app was restricted from using could be manually granted.

Google is further enforcing this in Android 15.

As noted by Android Authority, Google has updated this layer of protection in Android 15 to include more types of restricted settings and roles for sideloaded apps.

The added restrictions include preventing sideloaded apps from listening to notifications, acting as a default dialer or SMS app, running on top of other apps, or acting as a device admin. These are powerful and/or sensitive permissions that, if a malicious app had access to, could result in personal data being at high risk.

Google requires in Android 15’s CDD (Compatibility Definition Document) that the following permissions are restricted for sideloaded apps:

  • Special permissions
    • Accessibility
    • Notification listener
    • Device admin
    • Display over other apps
    • Usage access
  • Roles (Default apps)
    • Dialer
    • SMS
  • Runtime permissions
    • SMS

However, like in Android 13 and forward, an option is still required in Android 15 to allow the user to manually allow these restricted settings to be used. So the choice is still there, the added restrictions just prevent more forms of abuse by default.

Android 15 is set to start rolling out soon, with the update scheduled to land on Pixel next month.

More on Android 15:

Follow Ben: Twitter/XThreads, Bluesky, and Instagram

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Google — experts who break news about Google and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Google on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Ben Schoon Ben Schoon

Ben is a Senior Editor for 9to5Google.

Find him on Twitter @NexusBen. Send tips to schoon@9to5g.com or encrypted to benschoon@protonmail.com.


Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications