On the other hand, Android allows apps to be self-signed. This has a fundamental flaw: an Android developer can claim to be anyone they want, including Bank of America. Thus, when you download an app from an Android App store, there’s a real possibility that the app was submitted by a charlatan. What’s more, those charlatan apps can actually be malicious!
Daniel Eran Dilger has written an excellent article that features the differences between Apple’s signing process and Google’s. I highly recommend you read his article entitled ”Google’s Android haunted by Steve Jobs’ warnings on app signing security” as it sheds a bright light on the differences between the two mobile platforms; moreover, the article does a great job of outlining the evolution of iOS and its app security policies.
And while you are at it, check out my article entitled ”Mobile for the masses: Sign, seal, and deliver your Android app” and learn how to sign your Android app in preparation for submitting it to an app store!
This story, "App signing: iOS versus Android" was originally published by JavaWorld.