upload code?!
But you don't upload code, thats the whole point of using an API.
If they really do wish to be secure they should look into the same procedures Apple kinda use.........simply test the apps. A monitoring system could constantly check an app to make sure it hasn't changed, if it has then it needs to be authorised again.
A lot of work............but what the hell it's not my job! :)