In order to prevent hackers from sneaking malware onto the Play Store, Google has announced a new developer requirement designed to reduce the likelihood that malicious apps could end up on its Android app store.
As reported by BleepingComputer, Android developers registering as an organization to put their apps on the Play Store will now be required to provide a valid D-U-N-S number before submitting their apps for approval.
The malicious apps that manage to bypass Google’s security checks often appear as legitimate apps when submitted for review. However, after the review process is complete, the hackers behind them then add malware to their apps or have the apps themselves download other malicious payloads.
While these malicious apps are then removed from the Play Store and the developer accounts that submitted them are banned, it’s quite easy for hackers and other cybercriminals to create a new account and then submit these same dangerous apps under a new name.
Once this change goes into effect though, it will be a lot harder for hackers to get around Google’s restrictions since they’ll need a valid D-U-N-S number to submit new apps.
What is a D-U-N-S number?
A D-U-N-S or Data Universal Number System number is a unique nine-digit identifier that is issued by the data and business analytics firm Dun & Bradstreet. Each of these numbers is then assigned to a unique business.
In order to request a D-U-N-S number from the firm, Android app developers and other businesses first need to submit several documents in order to help verify the information they’ve provided. Receiving a D-U-N-S number can also take up to 30 days which is quite a lot of time for an app developer interested in making money from having their app listed on the Google Play Store.
Although you’ve likely never heard of D-U-N-S before, the standard is used by the U.S. government, the European Commission, the United nations and even Apple, as it’s considered very trustworthy. Setting up a new company to return to the Play Store is also the kind of hassle that will prevent hackers and other cybercriminals from trying to distribute their malicious apps on the platform.