Google Play

Google is fighting back against the constant invasion of malware on Google Play by requiring all new developer accounts registering as an organization to provide a valid D-U-N-S number before submitting apps.

The new measure aims to enhance the platform's security and trustworthiness and is part of the effort to curb malware submissions from new accounts.

Typically, malicious apps on Google Play are submitted for review without dangerous code or payloads, which are then fetched later via an update in the post-installation phase.

The offending apps are reported and removed from the Play Store, and their developers are banned. However, it is relatively easy for them to create a new account and submit the same dangerous apps under a new name and theme.

To deal with this loophole, starting on August 31st, 2023, Google will require all  developers creating new Play Console accounts to provide a valid D-U-N-S number.

D-U-N-S (Data Universal Numbering System) are unique nine-digit identifiers assigned by commercial data and business analytics firm Dun & Bradstreet to unique businesses.

Organizations requesting a D-U-N-S number from Dun & Bradstreet have to submit several documents that help verify the provided information, and the process can take up to 30 days to complete.

D-U-N-S is a globally recognized proprietary standard used by the United States government, the European Commission, the United Nations, and Apple, and it's considered trustworthy.

By requiring a D-U-N-S number from software developers, Google will make it much harder for publishers of malicious apps to re-register on the app store, as they would have to set up a new company to return to the platform.

In addition to the above, Google will change the "Contact details" section of app entries on the Play Store, renaming it to "App support" and adding more information about the developer.

Previously, this section hosted the developer's name, email, and location, but now it will also include the company name, complete office address, website URL, and phone number.

Mockup of the new App support section
Mockup of the new "App support" section
(Google)

This change will enhance transparency, empowering users with a clearer understanding of the company responsible for each app.

Google says it will regularly verify information provided by app developers for inclusion in that section.

If they find any inconsistencies, they will suspend the account's ability to publish apps on the Play Store, eventually removing existing apps after a specified period.

Related Articles:

Android 15, Google Play Protect get new anti-malware and anti-fraud features

Google Pixel 6 series phones bricked after factory reset

New Medusa malware variants target Android users in seven countries

Over 90 malicious Android apps with 5.5M installs found on Google Play

Rafel RAT targets outdated Android phones in ransomware attacks