Android applications run in a sandbox, an isolated area of the system that does not have access to the rest of the system's resources, unless access permissions are explicitly granted by the user when the application is installed, however this may not be possible for pre-installed apps. It is not possible, for example, to turn off the microphone access of the pre-installed camera app without disabling the camera completely. This is valid also in Android versions 7 and 8.
Since February 2012, Google has used its Google Bouncer malware scanner to watch over and scan apps available in the Google Play store.
A "Verify Apps" feature was introduced in November 2012, as part of the Android 4.2 "Jelly Bean" operating system version, to scan all apps, both from Google Play and from third-party sources, for malicious behaviour. Originally only doing so during installation, Verify Apps received an update in 2014 to "constantly" scan apps, and in 2017 the feature was made visible to users through a menu in Settings.
Before installing an application, the Google Play store displays a list of the requirements an app needs to function.

License information: CC BY-SA 3.0
MPAA: G
Go to source: https://en.wikipedia.org/wiki/Android_(operating_system)