5. Have a button to report / record suspicious behaviour for an app which someone at Google will investigate pronto.
6. Support permission sandboxing / raised security, which when enabled the user is asked whether to allow the app to access (specific device / resource / URL etc.) right now. This way the user can see if an app is doing something unwarranted. (Allow such metrics to be logged and voluntarily submitted to Google for analysis. Google can scan these logs for unexpected changes in app behaviour. ).
7. Have an author reputation system built into the app store so users can choose to ignore apps from authors with lower ratings, i.e. to easily identify indie apps from full apps.
8. Don't allow apps to download an executable payload (as some on this forum have suggested they can).
9. Don't allow device makers to made default apps uninstallable. My phone's YouTube app is identified as a "harmful app" by the Play store but can't be uninstalled. Deactivating it causes an infinite loop at startup!