Why it matters: Digital Rights Management software has routinely been abused by content publishers and can be downright invasive in certain instances. Google claims to be beefing up security for end users by signing apps with additional metadata, but could easily change course at any time.
As part of Google's efforts to enhance security across Android devices, apps published on the Play Store will now have metadata added to them at the time of publishing. Additional data applied to the APK files hosted by Google is just a fancy way of saying DRM.
One of the benefits to this change is that apps can be verified for integrity even when there is no cellular or Wi-Fi connection. Peer-to-peer app sharing is relatively common in developing markets with more limited internet access, which makes identifying legitimate apps a little more difficult.
For apps that were installed via an APK file to a device while offline, Play Store updates will be automatically enabled once internet access is found. Developers are effectively being given a sanctioned method for distributing their apps outside of the Play Store while still retaining the ability to push updates through Google's platform.
Assisting users in keeping their apps up to date is another way to help make devices more secure. However, there are some obvious caveats here depending on how developers leverage the newly added metadata.
It is now possible for developers to easily restrict how their apps are being used. Netflix used to only work on certain mobile devices that were deemed to be authorized. Any other business or developer could easily follow suit if they were willing to endure the wrath of the general public.
Google's intentions appear to be alright for now, but the addition of what is nothing less than a form of DRM certainly presents some red flags. Anti-tamper protections will be welcomed by those earning paychecks from in-app purchases, but end users are left only taking Google at their word that the new protections are really in their best interests.