Comment by chenxiaolong
21 days ago
If this is enforced via Play Protect, then the whole mechanism can likely be disabled with:
adb shell settings put global package_verifier_user_consent -1
This does not require root access and prevents Android from invoking Play Protect in the first place. (This is what AOSP's own test suite does, along with other test suites in eg. Unreal Engine, etc.)
I personally won't be doing this verification for my open-source apps. I have no interest in any kind of business relationship with anyone just to publish an .apk. If that limits those who can install it to people who disable Play Protect globally, then oh well.
How long until Google decides to lock it down because "scammers" can "abuse" it?
Would be a real shame if this also nuked your safetynet trust score if they realize too many people are using this escape hatch...
I really hope this ends up being possible! Play Protect seems to jump up every so often and try to scare me into turning it on. Very annoying. I've wanted to disable Play Protect permanently, but never did the query to learn how, so thank you.
What does this break?
There shouldn't be any side effects other than rendering Play Protect inert. No other AOSP component relies on this setting.
There could of course be side effects in the future when this restriction is rolled out, as in your device's Play Integrity status could be affected and your banking app/phone wallet might not let you perform app-based payments from that device.
2 replies →
I kinda feel like they'll make sure any workaround for this will ensure you can't use banking apps, Google Pay, etc.
I really hope this is done via Play Protect. You can also disable it temporarily in Google Play and install whatever you want.
Ironic that Google's supposed concern for avoiding malware will cause people to turn off their malware scanner.
There's also the related "Verify apps over USB" setting which is even exposed in the developer mode settings GUI.