Android devices have long allowed apps to be downloaded outside of their official store. These types of apps are called APKs (Android Application Packages). Sometimes, these are platforms that are not in the Google Play Store. But sometimes they are, and there are users who prefer to install them from the browser. That is changing, and some have begun to notice it.
APK files downloaded on Android can hide malware. For this reason, experts recommend using the Google Play Store. However, some users risk downloading apps from the browser. Mainly, because they can get premium versions for free or with customization improvements.
Google has always warned of the dangers that can be found behind APKs, but until now it had allowed them without hesitation. That has changed and it has begun to offer tools to developers to prevent their consumers from opting for unofficial downloads instead of those available in the Google Play Store.
Back at Google’s I/O conference in May, the company talked about a kind of “remedial” dialogues for developers to convince users to opt for the official Android store.
The first Internet users to see such messages say that this happened to them when they tried to install an APK from the British store Tesco. During the download process, they receive a message to “Get this app from Play” and are unable to continue with the installation of the APK. That was last year, but only recently have more cases started to appear.
Recently, a Reddit user (r/retroid) commented that the same thing happened to him when trying to try Diablo Immortal on his new RP2S (portable Android game player). According to him, he tried to download the app from APKPure and couldn’t install it because the Google Play Store blocked it and forced them to download it from their store. Therefore, the company is working to make it difficult for Internet users to get their hands on APKs.
How does Google detect that you are using an APK?
From the media Android Authority they explain that Google makes it easier to detect APKs via the Play Integrity API. It is a tool designed for developers to “verify that the server interactions and requests” they use to make their app work on Android devices.
Using the API, Google can look for evidence of whether the app has been tampered with, or in other words, whether it is running in an “untrusted” software environment. Developers using the Play Store can thus block those who use their services unofficially. They can also redirect Internet users who have downloaded the APK to their site in the official store.
It’s clear that if a user has downloaded the APK it’s because they are interested in the platform. However, it’s possible that there are those who took advantage of unofficial Android downloads to enjoy features exclusive to premium plans. With the improvement that the Play Integrity API represents, this tactic becomes more complicated.
The use of such an API depends on what developers decide. For example, some use this help from Google when users enter the app, and block access entirely based on the Play Integrity findings. Meanwhile, others only call upon the API when you are about to perform a certain action, warning you not to proceed.
