App sharing is a big deal. It’s what I used to do when I was studying and barely making ends meet. You know, when data prices in this country were very high and we would do anything to save a megabyte or two instead of spending it all downloading or updating apps on the Play Store. Heck, we even had the best workarounds to get all the game data that those gaming apps require.
While I may no longer be doing that, it’s still a big thing among many young people out there for almost the same reasons as the ones myself and my peers had, much as data prices today are more affordable than they were, say, 5 years ago.
What that means is that there are lots of apps being shared offline for which Google and the specific app developers have no say on how they are distributed and even their safety since Google Play Protect only works for apps that on the store only.
One of the reasons why I don’t recommend downloading apps from places other than the Play Store and trusted third-party app stores and sites, like our darling APKMirror, is that in some instances, the apps are compromised and used to spread malware, which can be dangerous both to the device where they are installed and the user him/herself in the event that their data is siphoned to far-flung servers and used for dubious purposes including identity theft, bank fraud, botnet attacks among others.
It is with this in mind, and, of course, the need “to help developers reach a wider audience” that Google will be “adding a small amount of security metadata on top of APKs to verify that the APK was distributed by Google Play. ” This is akin to an authentication system of sorts and will come in handy for those who share legitimate apps with others as Google will be able to verify the app installed on the other party’s device, add it to their Google Play library and provide updates for it just as it would regular apps installed directly from the Play Store. Additionally, such apps will also benefit from the regular security checks done by Google Play Protect.