Sideloading APKs is an easy vector but so is the Google Play Store. It’ll take scammers like 5 minutes to just perma move to GPlay shenanigans, and its already well known to have poor quality control and tons of malware available to download with the useless play protect logo.

This is just Google’s public justification for creating their walled garden. They already pulled this exact scam with Chinese OEMs which is how Huawei got banned, and others stopped selling in the US. They huffed up some story about CCP spyware and then mandated that GPlay be installed in full, otherwise face consequences from congress.

Even Samsung got pulled in and they essentially agreed to use GApps as the de facto communication suite for their phones in exchange for allowing Samsung to continue to use their Galaxy store.

They see stuff like AOSP as a threat because anyone can just fork the OS and make their own non google Android, and they don’t want any OEM to replace GPlay like what Motorola is attempting right now (hence the increased urgency to lock down Android).

Google’s monopoly in the mobile space revolves around every phone using GPlay, so they’ll do anything to maintain their control.

Got a link boss? You’ll excuse me if I don’t take your word for it and all that

That is all true, however it seems like a slippery slope to me.

To stop scams, it would instead be a good idea to block app installation (of ANY apps including in the Play Store) when the screen is being monitored or a call is active.

Then when sideloading apps, grey out the install button for 3 seconds to hopefully pull the user out of any mindless flow state a scammer has put them in.

They came out with more information on what their walk back looks like. More information is on the website https://keepandroidopen.org/

There is more information on the website. This was Google’s “solution”:

Update: Google has revealed the “advanced flow” — it is not a solution

On March 19, 2026, Google published details ↗ of the “advanced flow” mechanism intended for “power users” to allow installation of applications from unverified developers after the lockdown takes effect. It goes like this:

1. Enable Developer Mode ↗ by tapping the software build number in About Phone seven times
2. In Settings > System, open Developer Options and scroll down to “Allow Unverified Packages.”
3. Flip the toggle and answer a scare screen confirming that you are not being coerced
4. Enter your device unlock pin/password
5. Restart your device
6. Wait 24 hours
7. Return to the unverified packages menu at the end of the security delay
8. Scroll past additional scare screen warnings and select either “Allow temporarily” (seven days) or “Allow indefinitely.”
9. On the next scare screen, confirm that you understand the risks.
10. You can now install unverified packages on the device by tapping the “Install anyway” option in the package manager.

This entire flow is delivered through Google Play Services, not the Android OS, meaning Google can modify, restrict, or remove it at any time without an OS update and without any user consent. The advanced flow has still not appeared in any Android beta, dev preview, or canary release. As of the date of this update, it exists only as a blog post and UI mockups. The community is being asked to accept a product announcement as a functional safeguard five months before the mandate takes effect.

Until Google provides a shipping implementation that can be independently verified, our position remains unchanged: all apps from non-registered developers will be blocked once their lockdown goes into effect in September 2026.