Tutorial

How to publish your first Android app on the Google Play Store (2026)

Publishing your first Android app in 2026 is harder than it was in 2020 — Google added a 20-tester closed-testing requirement, tightened privacy rules, and made Play App Signing mandatory. Here's the current, complete path.

May 12, 202613 min readCruxBit Team

Two things changed about Play Store publishing in 2024–2025 that almost every old tutorial misses. First: new personal accounts must run a closed test with at least 20 testers for 14 days before they can publish to production. Second: Play App Signing is mandatory for new apps — you can no longer ship your own keystore directly to users. The full path in 2026 is a mix of the old steps (build an AAB, fill the store listing) and these new gates. Here's the current version end-to-end.

Account types matter

Personal accounts have the 20-tester / 14-day requirement. Organisation accounts (with valid DUNS) skip that — they can publish directly. If you're shipping a business app, register as an organisation. The DUNS lookup is free.

1. The full path at a glance

Play Store publishing in 2026
   1. Create developer account ($25 one-time)
              │
              ▼
   2. Identity verification (govt ID + selfie)
              │   takes 24h–7 days
              ▼
   3. Build a signed AAB (Android App Bundle)
              │
              ▼
   4. Create app in Play Console
              │
              ▼
   5. Fill: store listing, content rating,
      data safety, target audience, privacy policy
              │
              ▼
   6. Upload AAB to "Closed testing" track
              │
              ▼
   7. PERSONAL accounts: recruit 20 testers,
      run for 14 calendar days
              │
              ▼
   8. Promote to Production → Submit for review
              │   1–7 days
              ▼
   9. Live on the Play Store

2. Create a Google Play Developer account

  1. 1Go to play.google.com/console
  2. 2Pay the one-time $25 registration fee
  3. 3Choose account type — Personal or Organisation. Pick carefully; you can't switch later without re-paying
  4. 4For Organisation: keep your DUNS number handy (free lookup at dnb.com/duns-number/lookup)

3. Identity verification

Google now verifies every new account against a government-issued ID. The flow appears in the Console under "Account details." Upload a passport / driver's license / national ID and complete the live selfie check. Approval is usually 24–72 hours, sometimes up to a week. You can do steps 4–6 in parallel — you just can't publish until verification clears.

4. Build a signed AAB

Play Store no longer accepts APKs for new apps — you ship an Android App Bundle (.aab). Google generates the per-device APKs on their side from your AAB.

Native Android (Gradle)

android/app/build.gradle
groovy
android {
  signingConfigs {
    release {
      // Use upload key (NOT app signing key — Google manages that)
      storeFile file(System.getenv("UPLOAD_KEYSTORE_PATH"))
      storePassword System.getenv("UPLOAD_KEYSTORE_PASSWORD")
      keyAlias System.getenv("UPLOAD_KEY_ALIAS")
      keyPassword System.getenv("UPLOAD_KEY_PASSWORD")
    }
  }

  buildTypes {
    release {
      signingConfig signingConfigs.release
      minifyEnabled true
      shrinkResources true
      proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'),
                    'proguard-rules.pro'
    }
  }
}
bash
# Generate an upload keystore once (keep it FOREVER — backed up)
keytool -genkey -v -keystore upload-keystore.jks \
  -alias upload -keyalg RSA -keysize 2048 -validity 36500

# Build the AAB
./gradlew bundleRelease
# Output: android/app/build/outputs/bundle/release/app-release.aab

React Native / Expo

bash
# Expo (EAS Build) — easiest path
npm install -g eas-cli
eas login
eas build:configure
eas build --platform android --profile production
# Builds remotely, returns a signed .aab download link

Flutter

bash
# After configuring signing in android/key.properties:
flutter build appbundle --release
# Output: build/app/outputs/bundle/release/app-release.aab

Lose your upload keystore = serious problem

If you lose your upload key, you can request a reset from Google (Play Console → Setup → App integrity), but it takes days and disrupts updates. Back up the .jks file to a password manager AND a second offline location. Never commit it to git.

5. Create the app in Play Console

  1. 1Console → All apps → Create app
  2. 2Name (50 char max), default language, app or game, free or paid
  3. 3Accept the declarations (developer policy, US export laws)
  4. 4Click "Create app" — you're dropped into the app's dashboard with a long left-side checklist

6. The store listing checklist

  • App icon — 512×512 PNG, 32-bit (with alpha)
  • Feature graphic — 1024×500 PNG / JPG (no transparency)
  • Screenshots — minimum 2, recommended 4–8. Phone (16:9 or 9:16), 320–3840 px on the shortest side. Tablet screenshots boost discoverability on tablets
  • Short description — 80 characters. Shows in search results. Pack the keyword and the benefit
  • Full description — 4000 characters. Be human, not stuffed. Google ranks based on real users finding it useful, not keyword density
  • App category — pick honestly; mis-category = lower ranking
  • Email + website + privacy policy URL — privacy policy is mandatory. Use Iubenda / Termly / a hand-written page; a real URL with a real document. Google checks

7. Content rating, data safety, target audience

  1. 1Content rating — fill the IARC questionnaire honestly. Wrong answers (e.g. claiming no user-generated content when you have a chat feature) = removal months later
  2. 2Data safety — declare every data type collected, the purpose, whether it's shared with third parties, whether it's encrypted in transit. Be specific. This is the form Google audits most aggressively in 2026
  3. 3Target audience and content — age groups, ads, account creation. If you target children (under 13), expect significantly stricter review and ongoing scrutiny
  4. 4Government apps / News / Health / Financial apps — additional declarations and proof required

8. Closed testing (the new mandatory gate for personal accounts)

If you registered as a Personal account, you must run a closed test with at least 20 opted-in testers for 14 calendar days before Production access unlocks.

  1. 1Console → Testing → Closed testing → Create a track
  2. 2Upload your AAB to this track
  3. 3Create a tester list — paste 20+ Gmail addresses, or a Google Group
  4. 4Share the opt-in link with each tester. They must click it AND install the app
  5. 5Google starts the 14-day clock from when 20 testers have opted in
  6. 6Real testers, real feedback — Google checks for hollow lists

Run an internal track first

Internal Testing has no cap, no review, and propagates in minutes. Use it for your own dev devices. Closed testing is for outside testers — friends, customers, communities. Don't conflate them.

9. Promote to Production and submit

  1. 1Once your closed test has cleared the 14-day window, you'll see "Apply for production access" in the dashboard
  2. 2Fill the short questionnaire about your testing experience and any feedback received
  3. 3Go to Production → Create new release → import the same AAB you tested
  4. 4Fill release notes (per language). Keep them short and human
  5. 5Save → Review release → Start rollout. First review typically 1–3 days; first releases sometimes up to 7

10. After approval — the parts that matter

  • Staged rollouts — release to 10% → 50% → 100% over a few days. Catches crashes before they hit everyone
  • Vitals — Console → Quality → Vitals shows ANR rate, crash rate, slow start times. Anything above Google's threshold tanks your discoverability
  • Pre-launch reports — Google runs your AAB on real devices, screenshots and crashes get logged. Free QA
  • Play App Signing rotation — Google manages the signing key going forward. Don't try to upload an APK signed with your old keystore later — it'll be rejected
  • Updates — bump versionCode in build.gradle for every upload. Play Store keys releases by version code, not version name

11. Common reasons apps get rejected in 2026

  • Privacy policy URL returns 404 or doesn't actually mention the data you collect
  • Data safety form doesn't match what the SDKs you've integrated actually do (Google scans your AAB)
  • Test login credentials missing in the "App access" section (mandatory if your app requires login)
  • Misleading app name, icon, or category (e.g. fake "official" of another brand)
  • Requesting permissions the app doesn't use (location, contacts, SMS)
  • Crash on first launch on Google's review devices — fix locally, re-upload, re-submit

12. Pre-launch ASO (App Store Optimisation) basics

  • Title — primary keyword + brand. "Linear · Track work, ship faster" beats "Linear"
  • Short description — second-most important ranking factor after title
  • Screenshots — pair every screenshot with a one-line annotation describing the value
  • First two screenshots are visible without scrolling on a phone search result. They convert installs more than anything else
  • Reviews — ask politely in-app after a successful action. Reviews dominate ranking

TL;DR

  • Pay $25, verify identity, build a signed AAB
  • Personal accounts: 20 testers, 14 days in closed testing, then Production unlocks
  • Mandatory: privacy policy URL, data safety form, content rating, target audience
  • Play App Signing is mandatory — back up your upload keystore in two places
  • Submit, wait 1–7 days, stage the rollout, watch Vitals
  • Categories, screenshots, short description, and reviews drive discoverability more than the description

Shipping your first Android app and want a sanity check on the AAB, store listing, or data-safety form before submitting? Drop us a paragraph — we ship apps to Play Store almost weekly and will happily take a look at yours.

#Android#Play Store#Mobile#Tutorial#Publishing
Back to all posts

Up next

AI

Vibe coding in 2026: what it's actually good for (and where it bites)

Half the engineers we know vibe-code their way through a Saturday side project and half their Monday standup. Here's where vibe coding earns its keep in 2026 — and the failure modes nobody wants to admit on Twitter.

AI

Spec-driven development: how teams actually ship AI-written code in 2026

"Vibe coding" got us all to a demo. Shipping production software with AI needs something stronger — a spec-first loop with executable checks. Here's the workflow we've standardised on in 2026.

Tutorial

How to use Google Antigravity: a hands-on guide to the new agentic IDE

Google Antigravity launched in November 2025 and the search volume hasn't slowed since. Here's a hands-on guide: install, run your first agent, wire it to your project, and use the Inspector the way it's meant to be used.

Have a project?

Building something we've just written about?

Drop us a line. We respond within 24 hours with a candid, no-pressure take on whether we're the right partner.

Start a conversationRead more posts