No, this is not fine. The is again another barrier to ensure that things are more difficult and scary when you don't use the official play store. It's an anticompetitive behavior again.
You are already logged on your phone interface when you try to install so this additional check is excessive. I could have understood to have it just in the case that you don't protect your phone access with a pin.
Also, to not be anticompetitive, the behavior should be the same when using the play store or not. Like asking your pin to use the playstore like what is done in iOS. Even if it sucks if you want my opinion.
Every time I want to install a package off AUR I have to use sudo preceding the command. And people want to whine about that.. /shrug
In addition with other comments, you are also free to disable this behavior, you are also free to install an alternative "package manager" that will not require a sudo for each package installation ...
And out of the box, you can also install apps in our own user account without needing a sudo.
You also have to use sudo to install from official Arch repos. It would be fine if the Play store required a PIN too.
It depends on the implementation. Prompting for a pin for a one-time install of a downloaded apk is not a big deal.
If it requires a pin every time you install or upgrade from fdroid that would be really excessive and actively discouraging alternative app stores.
> but this doesn't feel like a big deal to me.
Just normal enshitification. Nothing to see here. /s
(maybe Google shall try to run Play Protect on the Play Store, i've heard that there is a lot of malware there)