It is mandatory that all of the installed applications are digitally signed. Developers can place their applications in Google's Play Store only after signing the applications. The private key with which the application is signed is held by the developer. Using the same key, a developer can provide updates to their application, share data between the applications, and so on. Unsigned applications, if attempted to be installed, will be rejected by either Google Play or the package installer on the Android device. In Android 8.0 and above, users must navigate to the Install unknown apps setting in order to run unsigned apps, as shown in the following screenshot:

Now that we have some basic knowledge about digitally signed applications, let's look at one of the security features in Android.