Google has taken concrete steps over the years to clamp down on the spread of malware-infused apps through the Play Store and other portals. It has now made a minor yet significant change to the Play Store which may go a long way in improving security on the platform. It’s now adding a “small amount” of security metadata to Android APKs so that it can be ensured that apps have been distributed through the Play Store or any other approved channel.
The security metadata that Google will be adding to apps will allow users to verify an app even when they’re not connected to the internet. Lots of people rely on portals other than the Play Store to get apps. They may use them for a variety of reasons, including downloading apps that are not available in their region or country.
The addition of the metadata means that users who download apps from third-party portals will be able to check if they’re authentic and not a modified app that contains malware which can infect their phone.
The metadata will also allow apps from approved distributors to work with Google Play Store features such as subscriptions and family library. Android will be able to read the metadata automatically and verify that the app is legitimate.