Google on Monday announced new security measures for developer accounts on Google Play, meant to ensure that each account is created by a real person.
Google Play, which provides access to millions of Android applications and games, has been abused by threat actors for the distribution of malware, and Google is looking for new ways to strengthen the security of both developers and users.
Newly announced steps in this direction include asking for more information from the owners of developer accounts, including a contact name and a physical address.
Furthermore, developers are required to say whether the account is personal or if it belongs to an organization, and to verify their email and phone number. For new accounts, a phone number and email address will be required at creation.
“Your contact information allows us to share important information and updates about your app. It also helps us make sure that every account is created by a real person with real contact details, which helps us keep the Play Store safe for all users,” Google says.
On top of that, the Internet search giant is making 2-Step Verification mandatory for all developer accounts when they sign into Google Play Console.
Android developers can already verify their contact details and declare the account type. Optional for the time being, declaring the account type will be required when updating contact details.
Starting August, developers will have to specify the account type for all new accounts. Verification of contact details and the use of 2-Step Verification will also be mandatory.
Before the end of the year, both declaring the account type and signing in using 2-Step Verification will be a requirement for all existing developer account owners.
Further steps developers can take to ensure the security of their accounts include keeping contact information active and up to date and using a different contact email address than the one used to create the Google account. For business accounts, the contact email address should be associated with the organization rather than being a generic or personal address.
Related: Android App Developers Required by Google to Share More Info on Data Handling
Related: Google Unveils New Encryption Features for Android Developers
Related: Google Play Protect Scans 100 Billion Android Apps Daily
More from Ionut Arghire
- Google Shells Out $600,000 for OSS-Fuzz Project Integrations
- F5 BIG-IP Vulnerability Can Lead to DoS, Code Execution
- Flaw in Cisco Industrial Appliances Allows Malicious Code to Persist Across Reboots
- HeadCrab Botnet Ensnares 1,200 Redis Servers for Cryptomining
- Malicious NPM, PyPI Packages Stealing User Information
- Boxx Insurance Raises $14.4 Million in Series B Funding
- Prilex PoS Malware Blocks NFC Transactions to Steal Credit Card Data
- 30k Internet-Exposed QNAP NAS Devices Affected by Recent Vulnerability
Latest News
- Google Shells Out $600,000 for OSS-Fuzz Project Integrations
- F5 BIG-IP Vulnerability Can Lead to DoS, Code Execution
- Flaw in Cisco Industrial Appliances Allows Malicious Code to Persist Across Reboots
- UK Car Retailer Arnold Clark Hit by Ransomware
- Dealing With the Carcinization of Security
- HeadCrab Botnet Ensnares 1,200 Redis Servers for Cryptomining
- Cyber Insights 2023 | Supply Chain Security
- Cyber Insights 2023 | Regulations
