Starting with Android 8 (“Oreo”), things get much more serious and secure: You give each app individual permission to sideload, rather than setting up sideloading as a global option. If you turn on that setting, you can load any app you want. With older versions of Android (7 and below), there’s a single check box in the Settings menu, under Lock Screen and Security (“Unknown Sources”). If you want to sideload apps, either by installing them manually or from another Android app store, you have to turn on that feature. A Samsung phone protected by Samsung Knox, for example, won’t load apps from other phone manufacturers, as they constitute an “unknown source.” “Unknown” is a vague term, but for most users it means any app store not preloaded as trusted by their phone manufacturer - which is usually a very small set.
Out of the box, Android phones don’t allow it Android blocks apps from unknown sources. Sideloading is considered a security risk. How do sideloading and security interact? If you’re getting an app from Google Play, Amazon Apps or Samsung Galaxy Store, that’s normal if you’re grabbing an APK file anywhere else on the internet, that’s sideloading. But sideloading has taken on a broader definition: Installing any app outside the normal app store infrastructure is considered sideloading, even if you still download it. The origin is the same you’re moving an Android Package (APK) file containing an app to an Android phone so it can be manually installed. When it comes to Android mobile devices, sideloading has a more specific meaning.
It’s an old technique that gained widespread use when MP3 players became popular and people sideloaded music from a PC after downloading it from the internet. Sideloading entails moving files between two devices, usually next to one another, and was originally only done with a USB connection or by inserting a memory card. “Sideloading” is like downloading or uploading - only different.