My leading theory is they're preparing for a increasing onslaught of spam "vibe-coded" shovelware

"I love sowing but I hate reaping"

Indeed, and on the other end they are locking down the OS more and more. Pretty soon I suspect all my reasons for going Android over the years will no longer be valid and we'll just have a choice between overlords rather than have one closed and one open platform.

That boat sailed for me years ago. iOS respects my preferences regarding data sharing, app selection, etc, much more than Android.

I had a PWA turned app on the android App Store and I just gave up jumping through google’s hoops to keep it up. I feel like Google is killing Google, like some bad actors have gotten control of the reins and is slowly steering it off a cliff.

My problem with Google Play is the obvious fake reviews, there is no way Microsoft has 4+ ratings for most of their apps. It's too easy to buy a wave of 5-star reviews.

When something is off, way off, or you can't find a plausible explanation, that means it is a long term thing not in the general populace's sight, yet. It comes later, might be a move in order to pave way for something or moving something out of the way for something.

The big corps are NOT autonomous, they are moved around like chess pieces. They are tentacles of a bigger entity, whatever that is.

>They now require a DUNS number to submit an app

Even for non-us residents?

Its an EU DSA requirement for app stores to display information about developers publicly available. Apple is also doing it. And I guess these companies are applying the requirement worldwide unless some countries are opposed to it.

DUNS is used globally.

what do you think the solution is? should we just all use fdroid?

the Apple App Store has always required a DUNS number.

No, it hasn't, and doesn't.

https://developer.apple.com/help/account/membership/D-U-N-S/

> If you’re enrolling as an individual, you don’t need a D‑U‑N‑S Number.

Yes, for businesses. That's true for Play Store also https://support.google.com/googleplay/android-developer/answ...

> These things are easy to get, the idea is to at least slow down the deluge of scam apps and barely working "vibe coding" apps.

When you add bureaucratic hurdles to a process to try to slow down abuse, you often find that abusive users are more willing to navigate that process than legitimate ones. (We've seen this with email spam already - spammers are perfectly willing to set up DKIM and DMARC, and have stronger incentives to do it correctly than legitimate senders.)

> When you add bureaucratic hurdles to a process to try to slow down abuse, you often find that abusive users are more willing to navigate that process than legitimate ones.

In this case, it's not just a bureaucratic hurdle, it's adding a real external cost - app authors now have to go and deal with their government to get something DUNS accepts as a certification of entrepreneurship.

For single developers and legitimate startups, that cost is practically irrelevant and they're going to have to do it anyway to file taxes - but scammers run into the issue that they'll have to either use their own identity or have to clone someone else's which carries significantly more risk when the cops come investigating.

The main goal of SP, DKIM and DMARC wasn't to slow down spammers by setting up "bureaucratic hurdles", it was to prevent domain spoofing, though, and arguably it's succeeded at that.