On-device Android container apps and the REQUIRE_SECURE_ENV manifest flag option

Many users enjoy using on-device Android container apps to perform a variety of functions (for example, to enable multi-account usage for an app). However, the experience within these apps may not always reflect the full suite of Android safety and security features that users have come to expect. For this reason, we’ve updated our Device and network abuse policy to allow on-device Android container apps to continue serving users while also giving all developers the ability to opt out of on-device Android container apps through the REQUIRE_SECURE_ENV manifest flag.

Frequently asked questions

How do I know if my app is an on-device Android container?

If your app loads third-party APKs into its own app space, and those apps reasonably execute as if they are installed in a normal Android environment due to your app intercepting and potentially proxying calls, your app is considered an on-device Android container app.

My app creates an on-device Android container but it provides security and privacy safeguards. Do I still need to follow the new policy requirements?

Yes, all on-device Android container apps must comply with the new policy requirements for such an environment.

What is proxying to apps via intercepting or calling?

An on-device Android container app proxies to other apps via intercepting or calling by requesting, sending, redirecting or intercepting API calls to apps outside the container in order to disguise them as being within the container. On-device Android container apps cannot proxy to apps via intercepting or calling as per the new policy requirements.

My app is an enterprise app that creates a separate work profile for users and requires device admin permissions. Does this policy apply to me?

No. Enterprise apps that allow for separate work profiles and require device admin permissions to operate are not considered on-device Android container apps.

As an app developer, should I add the REQUIRE_SECURE_ENV to my manifest?

The REQUIRE_SECURE_ENV is open to all app developers who don't want to operate in an on-device Android container app. We don’t have specific recommendations for whether certain types of apps should add the flag. That decision is up to you as a developer and is unique to your specific security and privacy needs.

As an app developer, if I add the REQUIRE_SECURE_ENV to my manifest, are on-device Android container apps technically unable to load my app?

No, there is no technical feature that prevents on-device Android container apps from loading your app, but our policy requires developers of on-device Android container apps, distributed on Google Play, to check the manifest of all apps that they intend to load into their Android container. The policy also prohibits developers from loading apps that have added the REQUIRE_SECURE_ENV flag to their manifest.


To find out more about REQUIRE_SECURE_ENV flag, see Device and network abuse.

Was this helpful?

How can we improve it?
Search
Clear search
Close search
Google apps
Main menu