Google on Monday announced new security measures for developer accounts on Google Play, meant to ensure that each account is created by a real person.
Google Play, which provides access to millions of Android applications and games, has been abused by threat actors for the distribution of malware, and Google is looking for new ways to strengthen the security of both developers and users.
Newly announced steps in this direction include asking for more information from the owners of developer accounts, including a contact name and a physical address.
Furthermore, developers are required to say whether the account is personal or if it belongs to an organization, and to verify their email and phone number. For new accounts, a phone number and email address will be required at creation.
“Your contact information allows us to share important information and updates about your app. It also helps us make sure that every account is created by a real person with real contact details, which helps us keep the Play Store safe for all users,” Google says.
On top of that, the Internet search giant is making 2-Step Verification mandatory for all developer accounts when they sign into Google Play Console.
Android developers can already verify their contact details and declare the account type. Optional for the time being, declaring the account type will be required when updating contact details.
Starting August, developers will have to specify the account type for all new accounts. Verification of contact details and the use of 2-Step Verification will also be mandatory.
Before the end of the year, both declaring the account type and signing in using 2-Step Verification will be a requirement for all existing developer account owners.
Further steps developers can take to ensure the security of their accounts include keeping contact information active and up to date and using a different contact email address than the one used to create the Google account. For business accounts, the contact email address should be associated with the organization rather than being a generic or personal address.
Related: Android App Developers Required by Google to Share More Info on Data Handling
Related: Google Unveils New Encryption Features for Android Developers
Related: Google Play Protect Scans 100 Billion Android Apps Daily
More from Ionut Arghire
- Air Canada Says Employee Information Accessed in Cyberattack
- BIND Updates Patch Two High-Severity DoS Vulnerabilities
- Faster Patching Pace Validates CISA’s KEV Catalog Initiative
- TransUnion Denies Breach After Hacker Publishes Allegedly Stolen Data
- Legit Security Raises $40 Million in Series B Financing
- Atlassian Security Updates Patch High-Severity Vulnerabilities
- Critical Infrastructure Organizations Warned of Snatch Ransomware Attacks
- Tor-Based Drug Marketplace Piilopuoti Shut Down by Law Enforcement
Latest News
- In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking
- China’s Offensive Cyber Operations in Africa Support Soft Power Efforts
- Air Canada Says Employee Information Accessed in Cyberattack
- BIND Updates Patch Two High-Severity DoS Vulnerabilities
- Faster Patching Pace Validates CISA’s KEV Catalog Initiative
- SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
- Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones
- New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware
