Android has always allowed the installation of apps from third-party sources by simply installing the APK file. However, not all sources are legitimate and using an APK with an uncertain origin can pose risks for both the user and the developer. Google Play has recently introduced a feature to address the possible threat.
The issue. There are various reasons why a user might choose to install an app via APK rather than using the Google Play Store. Similarly, developers may have their reasons for not distributing their apps through the official store. For instance, installing an app via APK doesn’t contribute to download metrics on Google Play. On the other hand, some users choose to go the APK route when they need to install outdated, modified, and even free versions of paid apps.
However, as I mentioned earlier, this can be harmful to both the user and the developer.
Android knows what you’re doing. Installing an app on Android from an APK may produce a similar result to doing it from the Google Play Store. However, the operating system keeps track of the app’s source to avoid potential conflicts with different versions. This is particularly relevant because the version available through an APK may differ from the one on the Google Play Store. This is the case of WhatsApp, for example.
Recently, Google Play has started using this information to allow users to update apps that they initially installed via APK through the Google Play Store. If you’ve installed an app from an APK, the Google Play Store can recognize this and prompt you to update the app from the store, essentially making it the official channel for future updates.
In summary:
- You initially downloaded WhatsApp from a site like APKmadeupwebsite.com.
- Google Play Store recognizes this installation.
- It’ll offer you the possibility to update WhatsApp to the latest version available in the Google Play Store.
- The Google Play Store will now handle all future updates for WhatsApp, just like any other app downloaded directly from the store.
Image: Google
Play Integrity. The Google Play Store has recently debuted a new feature: Play Integrity API. In essence, this API enables developers to identify installations from third-party sources and, in some way, prompt users to download the app from the Google Play Store. If they don’t, the app remains unusable until they do.
Google’s official documentation states, “By detecting potentially risky and fraudulent interactions, such as from tampered app versions and untrustworthy environments, your app’s backend server can respond with appropriate actions to prevent attacks and reduce abuse.” One example is to compel the installation of the app from Google Play.
This isn’t the end of APKs. On one hand, it’s up to the developer to implement this API in their app if they wish to do so. On the other hand, this measure doesn’t go against a developer’s open-source app published in a forum or recognized APK repository, but it’s a measure to fight against fraudulent apps. Additionally, it’s not something excessively new either since it’s really the evolution of a function already offered in SafetyNet.
However, the new policy may pose a significant obstacle to more dedicated users who prefer installing beta versions of apps or obtaining apps from other sources to get the latest updates. Moreover, it’s important to note that the Android ecosystem is diverse, with alternatives like e/OS or GrapheneOS that don’t rely on the Google Play Store. This change will undoubtedly impact users of these platforms.
Image | Daniel Romero (via Unsplash)
View 0 comments