However this is clearly not something that small time companies or lone developers might be able to afford, which means that there could be plenty of apps out there that have security flaws and vulnerabilities that have yet to be discovered, and could be taken advantage of. However the good news for these app developers is that Google wants to help with its Google Play Security Reward Program.
According to Google, “Google Play is working with the independent bug bounty platform, HackerOne, and the developers of popular Android apps to implement the Google Play Security Reward Program. Developers of popular Android apps are invited to opt-in to the program, which will incentivize security research in a bug bounty model. The goal of the program is to further improve app security which will benefit developers, Android users, and the entire Google Play ecosystem.”
Basically Google will be paying out the bounty for vulnerabilities that are discovered. However right now it seems that not all apps will automatically qualify to be part of this program. Right now it seems that only select developers have been chosen, but presumably at a later date more apps will be added.
. Read more about