I am currently developing an enterprise-level Android application and need to implement a robust, seamless app-update mechanism. Specifically, my application requires the ability to perform version downgrades (installing an older APK version over a currently installed newer version) programmatically and silently without requiring manual user intervention.

​As per standard Android security protocols, the native package installer strictly restricts and blocks version downgrades to prevent data corruption and security vulnerabilities. To bypass this restriction, my understanding is that the application must possess elevated system privileges, specifically Device Owner (DO) permissions under the Android Enterprise framework.

​However, many tutorials and documentation sources closely link Device Owner privileges with Kiosk Mode (Lock Task Mode). In my specific use case, I do not want the device to be locked down to a single app interface. The end-users must still have full, unrestricted access to the standard Android operating system, the launcher, settings, and other third-party applications.

​Therefore, I have a few specific questions:

1. ​Is it entirely possible to grant an application Device Owner status and leverage its advanced management APIs (like silent package installation and downgrades) without activating Kiosk Mode or locking down the user interface?

2. ​What is the exact workflow or ADB provisioning command required to set up this specific permission structure on a non-rooted device?

3. ​What specific flags or parameters must be passed to the PackageInstaller API session to successfully force an application downgrade once Device Owner status is achieved?