Every Android app is signed with a cryptographic signature. When the app is updated, Android will compare the signatures of the new and old versions, and only allow the update if they match. This is far more secure than having no signing method, but it's not perfect. Development teams have to share a single key, and if a key is lost, a new Play Store listing has to be created.

Read More