Google Play Adds More Security to Dev Accounts

Android devs will need to verify their credentials and begin using 2FA soon

Fraudulent developer accounts and malicious software uploads have been on the rise on the Google Play store, which Google plans to combat by requiring the verification of developer accounts.

Google Play has had its share of problems with malware, app cloning, and scams, which is why the company has begun taking steps to improve developer account security. Starting today, developers will be able to verify their contact details and account type (personal or business), with verification becoming mandatory if those details are changed.

Google Play logo

Google

In August, new developer accounts will be required to verify their credentials and will need to go through a two-step verification process. All of these added security measures will become a requirement for all new and existing developer accounts at some point later this year.

According to The Record, Google previously only has required an email address and phone number to set up a Google Play developer account—neither of which it would verify. This resulted in malicious actors creating batches of dev accounts, then selling them to people or groups that would use them to upload harmful software. Some were even able to take advantage of the non-existent account security to take over legitimate developer accounts and upload harmful code into existing apps.

Illustration representing a developer using 2FA

Google

There are some additional actions you can take to better protect your Google Play developer account, as well. Google recommends making sure your contact information is kept up-to-date and using a different contact email address from the one used to create your Google account. It also suggests avoiding the use of a personal or generic email address as a business email.

Was this page helpful?