In this part, app is valid or not becomes important for Android market. A known fact in Android market, any app can be downloaded from it without accessing a significant quantity of personal data which is different in App Store. The Android Market usually exploits user's pennission to perfonn downloading the apps which can acquire root-level privileges to obtain any needed resources from operation system. For example, the App Store's method acquires developed app need to be signed using apple's private key. However, Android allows the apps which can be self-signed and uses these signatures for bookkeeping, not to control what code can fUll. In addition, instead of using a top-down approach to malware prevention and Apple's reviewer comments mechanism, Android uses crowd sourcing which relies on users' download rate and comments on apps. If enough people complain about one app, then it will be removed from the Market. This kind of mechanism is relatively easy for a malicious developer to manipulate. However, apple's reviewer comments method perhaps ensures the security of app in App Store. But the process of reviewing costs long time which seriously affects the works of real-time app such as anti-virus app. It is the most important problem we need to concern; some apps need to update their critical contents in time for ensuring the apps can achieve their functionalities. This drawback won't be
presented on Android market, but its security and privacy isn't better than App Store. A better approach is to use source code examination to replace the crowd sourcing and reviewer's comments. The main reason behind it is that it not only reduces the checking time of a reviewer but also provide a stronger protection to Android market.