Android 15 Limits Sideloaded App Functionality to Protect Users(0)

For advanced users, there is no doubt that the ability to install apps from outside the Google Play Store (i.e. sideloading) is one of the biggest advantages of Android over iOS. Sideloading gives users the freedom to install any app they want, even if it's not approved by Google or, more importantly, the authorities. Because it's easier to distribute apps directly to users than it is to publish them on an app shop like Google Play, many hackers rely on sideloading to infect users' devices with malware. To address this issue, Google introduced new restrictions in Android 15 that make it harder for sideloaded apps to gain sensitive permissions.

Before I go any further, I need to address Google’s intentions with this change. Is Google restricting what permissions sideloaded apps can obtain because they actually want to protect users, or are they doing it to keep people on the Google Play Store? Given the many court cases and legal battles that Google has been caught up with in recent years, it’s easy to be skeptical that Google has good intentions with this change. However, it’s important to consider two facts.

First, sideloading is a common vector for malware due to the lower barrier of entry for distribution. Second, these restrictions don’t apply to any third-party app stores for Android that utilize the operating system’s purpose-built API for installing apps. In fact, Android 15’s restrictions on sideloaded apps are merely an expansion of a security change introduced in a previous version, a change that has not materially impacted third-party app stores and can still be manually disabled by the user.

The change I’m referring to is called restricted settings, a feature introduced in Android 13 that makes it harder for sideloaded apps to obtain certain sensitive permissions.

For the purpose of the restricted settings feature, Android considers apps to be “sideloaded” if they were installed from an app that didn’t use the purpose-built installation API designed for app stores. Typically, this includes installations from apps like web browsers, messaging apps, or file managers. If this occurs, then the sideloaded app is denied access to permissions that grant the use of Android’s accessibility and notification listener APIs, which are two of the most powerful APIs the platform offers.

However, apps installed using the session-based installation API are not restricted from requesting permissions to use the accessibility or notification listener APIs. This is because the session-based installation API is typically used by third-party app stores. Google designed these restrictions to not impede third-party app stores, and they also designed them so users who know what they’re doing can still get around them.

The permissions to use the accessibility and notification listener APIs aren’t the only sensitive permissions that Android has to offer, though. The SMS runtime permission lets apps read the user’s entire SMS database. The device admin permission lets apps lock or wipe the device at will. The overlay permission lets apps draw on top of other apps. The usage access permission lets apps track what apps you’re using and how often you’re using them. These permissions are all incredibly powerful, which is why the user has to manually grant them to apps.

However, starting with Android 15, these permissions cannot be easily granted to sideloaded apps. Google is extending the Restricted Settings feature to cover all of the permissions I just mentioned as well as the default dialer and SMS roles. Google mentioned this extension in a blog post in May, but they didn't share the restrictions in full until last week when they released the Android 15 Compatibility Definition Document (CDD).

The section on Restricted Settings in the Android 15 CDD is lengthy, but in a nutshell, Google requires the following permissions and roles to apply the Restricted Settings feature:

The Android 15 CDD has a long section on Restricted Settings, but in short, Google requires the following permissions and roles to apply Restricted Settings:

• Special permissions
  • Accessibility
  • Notification listener
  • Device admin
  • Display over other apps
  • Usage access
• Roles (Default apps)
  • Dialer
  • SMS
• Runtime permissions
  • SMS