Google is taking a proactive approach to combat malware invasions on Google Play by implementing a new requirement for developer accounts. From August 31st, 2023, all new developers registering as an organization will need to provide a valid D-U-N-S number before submitting apps. This measure is aimed at enhancing the security and trustworthiness of the platform and curbing malware submissions from new accounts.
Also Read: How to use Google Chrome Extensions on Android mobile browsers
Malicious apps often find their way onto Google Play by submitting seemingly harmless code that later fetches dangerous payloads in post-installation updates. While these apps are eventually reported and removed, developers can easily create new accounts and submit the same malicious apps under different names and themes, exploiting a significant loophole.
Enhancing Security with D-U-N-S Numbers
To address this issue, Google is now making it mandatory for developers to provide a valid D-U-N-S number when creating new Play Console accounts. D-U-N-S numbers are unique nine-digit identifiers assigned by Dun & Bradstreet, a commercial data and business analytics firm, to distinguish individual businesses. Obtaining a D-U-N-S number involves a verification process that requires submitting relevant documents, taking up to 30 days to complete.
Also Read: Google Chrome: Incognito mode gets a new privacy-preserving screenshot option
D-U-N-S numbers are globally recognized and trusted, utilized by various entities such as the US government, the European Commission, the United Nations, and even Apple. By requiring this number from developers, Google aims to make it significantly more challenging for publishers of malicious apps to re-register on the app store, as they would need to establish a new company to return to the platform.
Increasing Accountability: App Support Section Revamp
In addition to the D-U-N-S requirement, Google is enhancing transparency by revamping the “Contact details” section of app entries on the Play Store. This section will now be renamed to “App support” and will include more comprehensive information about the developer.
Alongside the developer’s name, email, and location, users will find the company name, complete office address, website URL, and phone number. Google will regularly verify the provided information to ensure accuracy. If any inconsistencies are found, the account’s ability to publish apps on the Play Store will be suspended, and existing apps may be removed after a specified period.
These proactive measures by Google demonstrate the company’s commitment to improving the security and reliability of Google Play. By implementing D-U-N-S number requirements and enhancing transparency in app listings, Google aims to protect users from malicious apps and create a safer environment for app discovery and download.
