Publishing on the play store now requires giving out personal identity documents (like drivers license or passport), full legal name/phone number/email/tax ID/etc., as well as your private signing keys.
That’s a hard nope for me.
I’m surprised this wasn’t already the case. You’re distributing potentially malicious code to users’ devices, and they expect a base level of safety from the Play Store. You’re free to publish elsewhere, so it’s not like Apple’s policy.
I don’t consider a personal dev’s identity documents and signing keys to have much bearing on “safety”.
You’re not a developer, you’re a company, even if you’re doing business as an individual.
The signing key requirement has pros and cons. Cons being that Google can now impersonate developers and inject code at will. This seems somewhat irrelevant in face of the control they already exert through Google Play Services, but it’s obviously bad nonetheless.
Pros being that Google can now keep the signing key secure behind a Google sign-in instead of relying on individual developers to maintain good opsec.
What Constitutes a ‘Low-Quality’ App?
According to Google’s updated policy, ‘low-quality’ apps include those that:
- Are unstable or prone to crashes.
- Lack responsiveness or are slow to load.
- Offer minimal functionality such as single-page apps or simple wallpaper collections.
- Fail to install or load properly.
LOL
Thanks for doing what you should have been doing for 16 years.
