Google: No, app makers, you can't skip the Play Store
An update to the Google Play Store contains mostly minor tweaks except for one security fix: apps are no longer allowed to bypass the Play Store when updating. This means you, Facebook.
A change to the Google Play Store policy corrects a security loophole and forces all apps installed through the store to update through the store, too.
DroidLife is reporting the security fix puts the kibosh to apps that had been installed via the Play Store, but had been asking users to install updates outside of the marketplace workflow.
The change to the Content Policy, apparently shown to developers when they log in to the Play Store, admonishes them to not coerce their users into skipping the store. "An app downloaded from Google Play may not modify, replace or update its own APK binary code using any method other than Google Play's update mechanism," the new policy reads. "Google Play is a trusted source for Android application downloads, and we are committed to providing a secure and consistent experience," the note concludes.
This isn't an issue on iOS, where all app transactions must occur through Apple's App Store. Android allows apps to be installed through official means, such as the the Play Store or the Amazon Marketplace, and through sideloading, when an app is downloaded and installed directly from a Web site. This policy change does not end either of those practices. The change stops developers from notifying their users about an app update outside of the Play Store.
Perhaps the best-known developer guilty of the practice was Facebook, wrote DroidLife. Facebook side-stepped the Play Store for the first time about a month ago, just before the release of Facebook Home.
Neither Google nor Facebook immediately returned requests for comment. CNET will update the story when they do.