Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

New Security Measures Announced for Google Play Developer Accounts

Google on Monday announced new security measures for developer accounts on Google Play, meant to ensure that each account is created by a real person.

Google on Monday announced new security measures for developer accounts on Google Play, meant to ensure that each account is created by a real person.

Google Play, which provides access to millions of Android applications and games, has been abused by threat actors for the distribution of malware, and Google is looking for new ways to strengthen the security of both developers and users.

Newly announced steps in this direction include asking for more information from the owners of developer accounts, including a contact name and a physical address.

Furthermore, developers are required to say whether the account is personal or if it belongs to an organization, and to verify their email and phone number. For new accounts, a phone number and email address will be required at creation.

“Your contact information allows us to share important information and updates about your app. It also helps us make sure that every account is created by a real person with real contact details, which helps us keep the Play Store safe for all users,” Google says.

On top of that, the Internet search giant is making 2-Step Verification mandatory for all developer accounts when they sign into Google Play Console.

Android developers can already verify their contact details and declare the account type. Optional for the time being, declaring the account type will be required when updating contact details.

Starting August, developers will have to specify the account type for all new accounts. Verification of contact details and the use of 2-Step Verification will also be mandatory.

Advertisement. Scroll to continue reading.

Before the end of the year, both declaring the account type and signing in using 2-Step Verification will be a requirement for all existing developer account owners.

Further steps developers can take to ensure the security of their accounts include keeping contact information active and up to date and using a different contact email address than the one used to create the Google account. For business accounts, the contact email address should be associated with the organization rather than being a generic or personal address.

Related: Android App Developers Required by Google to Share More Info on Data Handling

Related: Google Unveils New Encryption Features for Android Developers

Related: Google Play Protect Scans 100 Billion Android Apps Daily

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Edge Delta has appointed Joan Pepin as its Chief Information Security Officer.

Vats Srivatsan has been appointed interim CEO of WatchGuard after Prakash Panjwani stepped down.

Network security policy management firm FireMon has appointed Alex Bender as Chief Marketing Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.