Skip to main content

Google's adding a new layer of security to peer-to-peer APK downlods

Google Play Store
Google Play Store (Image credit: Android Central)

If you live in a country where mobile data is expensive and/or your options for internet connectivity are limited, you probably pretty familiar with peer-to-peer app sharing. Starting today, Google's introducing a new layer of security to ensure the APK files you get with peer-to-peer sharing are safe and secure to use.

Per an announcement on the Android Developers Blog, Google says its adding security metadata onto APKs so that it can verify whether or not that APK was originally distributed via Google Play.

For apps you do get through these approved channels, Google notes that:

We'll be able to determine app authenticity while a device is offline, add those shared apps to a user's Play Library, and manage app updates when the device comes back online.

Google also says that this change benefits developers as it:

Provides a Play-authorized offline distribution channel and, since the peer-to-peer shared app is added to your user's library, your app will now be eligible for app updates from Play.

The security metadata is being added in the background, meaning that developers aren't required to do anything on their end in order to get set up with it.

Google Podcasts: Everything you need to know!

Joe Maring was a Senior Editor for Android Central between 2017 and 2021. You can reach him on Twitter at @JoeMaring1.

2 Comments
  • So what about apps or games that are paid ?
  • This isn't "DRM" - it's a cryptographic signature to insure that the file's origin was Google Play. The same way Linux distributions sign their packages, so if you download from a third party, you can be sure the file is authentic.