
Gottagopestcontrol


Google makes it easier for Android apps to detect and block sideloading

Key findings

  • The Play Integrity API makes it harder to sideload apps to protect users and prevent abuse.
  • Developers can use a variety of parameters to determine the legitimacy of an app.
  • Google’s continued focus on security could ultimately result in limiting customizations in Android.



Android has seen a lot of changes in recent years, with Google putting security, privacy, and AI at the forefront of its recent efforts. And while most of the changes are welcome, some would argue that Android is slowly losing its core identity as a truly customizable operating system. Of course, this seems to be a price Google is willing to pay as it looks to get Android into the hands of more and more consumers over the next decade. That being said, app sideloading has pretty much always been a thing on Android, giving users the ability to download and install applications from sources outside of the Google Play Store.


There are many reasons why a user would choose this route, but the downside of sideloading is that it can be unsafe if you don’t know what you’re doing, and in the worst case scenario, it can affect not only the experience of the app, but Android as a whole. So from a developer’s perspective, there are a number of good reasons why they wouldn’t want a user to download an app that isn’t from a legitimate source. And while there are some buffers in place to prevent sideloaded apps from being installed, users can now easily bypass them. But it looks like this could change in the near future, as Android’s Play Integrity API will introduce new hurdles for those looking to sideload apps.


Google Play Integrity demo on phone


The news comes from Android Authority’s Mishaal Rahman, who looks at how the Play Integrity API protects users and prevents sideloading, which has been relatively easy in the past. The API does a lot of work to ensure that installed apps come from a genuine source. If it detects a modified version of the app or sees unusual behavior, the API can take action to prevent problems or “reduce abuse.” While that may sound pretty straightforward, there are a number of ways the API checks an app to make sure it’s legitimate.


Google details how this API works on its developer site, giving a brief overview of how it processes information and determines what is real and what is not. Developers can use it for a number of checks, such as “Check if this happened in your real app binary, installed from Google Play and running on a real Android device.” Developers can go further by adding more data points, such as “number of requests a device has made recently and signals about the environment, including the app access risk verdict and Play Protect verdict.”

And as you can imagine, if there are any red flags within those parameters, a decision can be made on how to handle the situation depending on the severity of the breach, covering “abuse, fraud, misuse, deception, unauthorized access, and attacks.” Of course, it is the developers’ responsibility to decide how best to use that data and take action. Rahman gives an example of how prompts work when there is an issue with the integrity verdict. In this example, the dialog simply prompts the user to download the app from the Play Store, which immediately resolves the issue.
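To make the developer-side decision concrete, here is a sketch of a backend policy over a decoded integrity verdict. It is an added example, not code from the article, from Rahman, or from Google. It assumes the token has already been decrypted and verified server-side; the verdict field names follow Google's documented payload, while the function name, action names, age limit and the policy itself are assumptions.

```python
# Added example: server-side policy over an already decrypted and verified
# Play Integrity verdict. Field names follow Google's documented payload;
# the policy, action names and age limit are assumptions.
import time
ALLOW, PROMPT_PLAY_INSTALL, DENY = "allow", "prompt_play_install", "deny"

def evaluate_verdict(verdict, expected_package, now_ms=None, max_age_ms=120_000):
    """Return (action, reasons) for one decoded verdict payload (a dict)."""
    now_ms = int(time.time() * 1000) if now_ms is None else now_ms
    reasons = []

    req = verdict.get("requestDetails", {})
    # Bind the verdict to this app and reject stale (possibly replayed) ones.
    if req.get("requestPackageName") != expected_package:
        return DENY, ["package mismatch"]
    if now_ms - int(req.get("timestampMillis", 0)) > max_age_ms:
        return DENY, ["stale verdict"]

    # "Real Android device": a missing label is treated as a failure.
    device = verdict.get("deviceIntegrity", {}).get("deviceRecognitionVerdict", [])
    if "MEETS_DEVICE_INTEGRITY" not in device:
        reasons.append("device integrity not met")

    # Optional environment signal; absent means not evaluated, not bad.
    protect = verdict.get("environmentDetails", {}).get("playProtectVerdict")
    if protect in ("MEDIUM_RISK", "HIGH_RISK"):
        reasons.append("Play Protect risk: " + protect)
    if reasons:
        return DENY, reasons

    # "Real app binary" and "installed from Google Play".
    app = verdict.get("appIntegrity", {}).get("appRecognitionVerdict", "UNEVALUATED")
    lic = verdict.get("accountDetails", {}).get("appLicensingVerdict", "UNEVALUATED")
    if app != "PLAY_RECOGNIZED":
        reasons.append("app binary: " + app)
    if lic != "LICENSED":
        reasons.append("licensing: " + lic)
    # A sound device with an unrecognized or unlicensed app is recoverable:
    # send the user to the Play Store, as in the dialog Rahman describes.
    return (PROMPT_PLAY_INSTALL, reasons) if reasons else (ALLOW, [])

# Constructed sample payload: a sideloaded copy on an otherwise sound device.
SIDELOADED = {
    "requestDetails": {"requestPackageName": "com.example.app", "timestampMillis": "1700000000000"},
    "appIntegrity": {"appRecognitionVerdict": "UNRECOGNIZED_VERSION"},
    "deviceIntegrity": {"deviceRecognitionVerdict": ["MEETS_DEVICE_INTEGRITY"]},
    "accountDetails": {"appLicensingVerdict": "UNLICENSED"},
    "environmentDetails": {"playProtectVerdict": "NO_ISSUES"},
}
```

Keeping the decision on the server means a modified client cannot simply skip the check, and returning the reasons alongside the action gives the backend something to log when it declines a request.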


While there have been ways to detect issues with apps installed on Android devices in the past, this new method makes it easier for developers to review and take action against offending apps and their users. Google has already implemented ways to move users from sideloaded apps to official apps, and this will obviously evolve over time. And as this feature and other security features progress, the window for the customization options Android was once known for will slowly close even further. But it’s clear that Google is ready to move forward and shed its old skin, as Android is no longer an operating system for tinkerers and is now aiming to capture the mass market.
