Zscaler Application Profiler (ZAP)

ZAP is a free web tool which is simple to use and includes a very effective data base. All you need to do is type the apps name and you will know whether and to what extent an app is safe to install.

ZAP gives an app a numeric score for security and privacy, and separately indicates risk involved in 4 areas: Authentication (how safe are your passwords and username, if they are encrypted or not), Metadata (if app leaks data that can be used to identify your phone), Personal identifiable information leakage (how safe is your personal data) and exposed content (does it tracks users).The tool is an effective way to identify rogue and unsafe apps before you install them.

Check App permissions

If you are conscious about your privacy, you must take a look at permissions app asks for. Most of us tend to ignore this aspect and treat it like tedious terms and conditions pages, and for good reason. At first glance, you will be puzzled with instructions an app asks for, because it may seem baseless but might be a perfectly reasonable request.

Developers have been piling more and more permission with apps, and often there are permissions which they don’t need. An app might be asking your location data, and it might be for ads and other harmless stuff, but gives it the right to track your phone. While this is entirely possible, but you can be assured for all popular apps as the developers can’t get away with it for long. It is lesser known apps, especially which you download from third party app stores that you need to be wary of and examine thoroughly.

You can also install apps like PermissionDog to keep a check on app permissions and to see what permissions apps are using in the background. Android M will further improve things my bringing granular control for app permissions, which you have already installed.

Reviews and Reputation

Before installing an App check how many times it has been installed, how many reviews it has got and what is its average rating. If an app has got just 10 to 20 installs and perhaps several positive reviews, it might be a waste of your time. If possible, stick to apps made by known developers or known companies like Google, Microsoft, etc.

Third party App store

Most malicious apps come from third party app stores. We hear of infected apps on Playstore every now and then, but Google is actively working in the background to remove all such threats. If you download form a shady app store and have weird notifications sprawling all over your notification shade, you need to get rid of the app as soon as possible.

Android offers to scan apps whenever you add from unknown sources. You should grant Google the permission to do so.

Conclusion

No software is completely risk free, but if your chances of running into trouble will be minimal. If you are using popular apps, your safety is pretty much covered, but if you are conscious about your privacy, dig deeper in those app permissions.