Google Is Taking Steps To Secure Custom Android ROMs

Image: XDA Developers

One of the big attractions of Android is that developers can customise the operating system to their heart's content while being able to leverage the apps that Google provides. But things changed a couple of weeks ago. Developers who create custom firmware that isn't certified can no longer install official Google apps. Developers could do this, although it was outside the specific rules Google specified in the Compatibility Definition Document, but the rules are now being enforced.

Eagle-eyed spotters at the XDA Developers learned of the change following a tip-off from an industry insider. This tipster, claiming they work for an OEM/ODM said Google started entirely locking out newly built firmware from accessing Google apps.

Google apps are known as Gapps in the developer community.

The change went into effect about two weeks ago and is enforced by Google Play Services checking the ro.build.fingerprint for the build date. However, developers were notified that this was coming about a year ago with some developers hitting the problem as Google has been testing the changes in their back-end systems.

When the problem manifests, the device displays a message saying "Device is not certified by Google". However, the device can be certified by registering it Google Mobile Services.

The move, by Google, is likely a way to discourage device makers from bypassing some of the security protocols the company has in place. In the past, devices that didn't follow the rules could simply side-load apps to uncertified devices. And while that's technically possible through the registration process - which is handy for developers - this should stop devices from hitting users that don't understand the potential risks of installing uncertified firmware.

Trending Stories Right Now