Installing unknown apps in Android: a safety guide | Kaspersky official blog

For Android users, installing applications from Google Play, and Google Play only, is the wise choice. With its strong safety rules, official app monitoring, plentiful user reviews, and security researcher scrutiny, Android’s official store tends to be a safe place for downloading apps. Even when malware does make it to Google Play, it is quickly identified and removed.

Android device owners do, however, also have the option to download and install apps from third-party sources. But does the freedom outweigh the danger?

Allowing or denying alternative installation

On the one hand, having the ability to shop outside of the Google Play store can be quite useful; not every app is available there. On the other hand, that freedom comes with an increased risk of infection, because outside of Google Play, apps lose Google’s quality and safety oversight.

Together with a program’s installer — or even instead of it — dangerous apps can get onto users’ devices and steal personal data, money, or both.

Here are just a few examples of such attacks:

The above represent a sampling of why new phones come with external software installation disabled. To avoid falling victim to schemes that rely on external installations, don’t be tempted to enable installation of unknown apps, and if you have, turn it off immediately. Here’s how.

How to turn off installation of unknown apps in Android 8 and later

In the latest versions of Android, the relevant feature is called Install unknown apps, and it is enabled separately for each app.

If you have allowed installation from unknown sources for some apps, you will need to disable it separately for each app. Here’s how to do it:

  • Open the system settings on your device;
  • Choose Apps and notifications;
  • Select Advanced and go to Special app access;
  • Select Install unknown apps;
  • Check what is listed under each app installed on your phone. If you see Allowed, select the app in the list and disable installation of unknown applications.
How to disable installation of unknown apps in Android 8 and later

How to disable installation of unknown apps in Android 8 and later

Please note, we’re using the names of the settings in stock Android. Manufacturers often modify the standard Android interface, so some menu items may have different names on your phone.

How to turn off installation from unknown sources in Android 7 and earlier

In Android 7 and earlier the setting is called Unknown sources, and there’s just one switch that turns installation of non-Google Play apps on or off for the entire system. Here’s how to find it:

  • Open the system settings on your device;
  • Go to Security;
  • Scroll down to Unknown sources and make sure it’s disabled.
How to disable installation of apps from unknown sources in Android 6 and 7

How to disable installation of apps from unknown sources in Android 6 and 7

At first glance, managing this setting seems much easier in older versions of Android, but from a security viewpoint, things aren’t that straightforward. If you accidentally allow installation of unknown apps in Android 6 or 7, then any app at all can download malicious files — and that includes apps you install later.

How to safely download an app that’s not on Google Play

What if a program you need is not available in the official store, but you still need to install it?

  • Search for similar apps. Try looking for alternatives in the official store. Maybe there is an app on Google Play with functions that suit your needs.
  • Scan the file before installing. Even if you can’t do without a third-party source, don’t rush to change your settings. First, download the installation file, and before launching it, scan it with your mobile antivirus solution.
  • Check permissions. Consider the list of permissions the app requests during installation. If a program demands too much, try to find something similar with more modest requests.
  • Disable installation of unknown apps. Remember to change your settings back after installation. Don’t leave your phone open to malware!