Why Installing Fortnite on Android Will Be a Security Nightmare

Fortnite is finally coming to Android, but it's arriving in the riskiest way possible. Epic Games is bypassing the Google Play Store and distributing the game itself, which creates a serious security vulnerability.

According to a Toucharcade interview with Fortnite publisher Epic Games' Tim Sweeney, users will be directed to the Fortnite website to "sideload" an APK file (an Android package file) called Fortnite Installer, which then in turn installs Fortnite. The interview glosses over a major issue, though: You need to enable a setting called Unknown Sources that allows Androids to run APK files from sources other than Google Play.

Once you enable Unknown Sources, you open up your device to malicious applications that websites will try to push onto your device. Malicious apps can quickly get free rein to steal your data, and possibly hijack your phone.

Will the Fortnite Installer require that you permanently enable Unknown Sources after you first use it? We've reached out to Epic for comment, but unless Fortnite Installer never needs updates, it's possible that you'll have to keep this dangerous setting activated all the time. If so, there's no way that Android malware distributors won't try to take advantage of this opportunity.

MORE: Fortnite for Dummies: Why It's Taking Over the World (And How to Jump In)

In the interview, Sweeney outlined what he said were two reasons for Epic's decision, even though they're really the same reason.

The first is to "have a direct relationship with our customers on all platforms ... now that physical storefronts and middlemen distributors are no longer required."

In other words, Epic wants to sell Fortnite's in-game purchases directly to you, without having to go through Google (or Steam). But, of course, you can't do this with the iOS app store. Unlike Google, Apple provides no sideloading option, and Epic would have to ask users to jailbreak their iPhones, which is much harder than it used to be.

The other reason, Sweeney admitted, is Epic's bottom line: "We're motivated by economic efficiency. The 30 percent [Apple and Google] store tax [really a cut of the retail price] is a high cost in a world where game developers' 70 percent must cover all the cost of developing, operating and supporting their games."

Sweeney argues that a profit-sharing process (i.e., Microsoft or Nintendo's cut of Fortnite in-game purchases) is OK on consoles "where there’s enormous investment in hardware, often sold below cost, and marketing campaigns in broad partnership with publishers."

But he says that Google's 30 percent cut is "disproportionate to the cost of the services these stores perform, such as payment processing, download bandwidth, and customer service."

That might be seen as disingenuous. Like Apple, Microsoft and Nintendo don't let players download games from anywhere other than their official game stores. It could be argued that Epic is doing this on Android only because it can.

Fortnite — the most popular game on Earth right now — has only grown in popularity since it launched on iOS this past April and the Switch in June. Sadly, Sony has yet to give crossplay capabilities to PS4 owners.

Henry T. Casey
Managing Editor (Entertainment, Streaming)

Henry is a managing editor at Tom’s Guide covering streaming media, laptops and all things Apple, reviewing devices and services for the past seven years. Prior to joining Tom's Guide, he reviewed software and hardware for TechRadar Pro, and interviewed artists for Patek Philippe International Magazine. He's also covered the wild world of professional wrestling for Cageside Seats, interviewing athletes and other industry veterans.