Android OS for mobile devices is developed by the Open Handset Alliance, which is led by Google. Google unveiled the Android distribution in November 2007. Most of the Android core is released under the open-source Apache License but a large amount of software on Android devices (such as such as Play Store, Google Search, Google Play Services, Google Music, and so on) are proprietary and licensed 15. As of 2011, Android has the largest installed base of any mobile OS and as of 2013, its devices also sell more than Windows, iOS and Mac OS devices combined 13. As of July 2013 the Google Play store has had over 1 million Android apps published, and over 50 billion apps downloaded (PHONEARENA, 2014). A developer survey conducted between April and May 2013 found that 71% of mobile developers develop for Android 4. Android uses a Linux kernel with higher-level APIs written in C and applications are normally programmed in Java and run with the Dalvik virtual machine (DVM) using just-in-time compilation to translate Java byte code into Dalvik dex-code 3. This combination brings up some secure features, like efficient shared memory management, preemptive multitasking, Unix user identifiers (UIDs) and file permissions with the type safe concept of Java. Every Android application runs in a separate process under a unique UID with distinct permissions, which means that applications can typically not read or write each other’s data or code. The kernel sandboxes applications from each, so that resource and data must be share explicitly. To make a resource share between applications possible, the permissions which are required must be declare statically at the time the application is installed. The Android system prompts the user for consent at this time; a mechanism for granting permission dynamically at runtime is not possible and would lead to an increase of security transparency 20.