One of the most talked-about features of Google's upcoming Android OS, 4.2, has been its app-scanning capabilities. Similar to a solution like Microsoft Security Essentials on Windows, Android's new scanning feature will be able to quickly tell you if the side-loaded APK you're about to install is dangerous. We assume that "sideloaded" is specified here because this feature won't be necessary with the official Play Store - Google is likely to filter out the bad before it ever comes up in a search result. At least we hope.
While the term "scanning" makes it sound like a top-level service would literally dig deep into the app (or APK), it's actually much simpler than that. When you try to install an APK, Google will capture a signature and send it back to its main servers. If there's a match, either with a good or bad flag, you'll quickly see the result. Essentially, this app-scanning shouldn't offer a noticeable delay in getting an APK installed, especially in the event one's considered safe.
Perhaps not-so-surprising is the fact that Google's app database reaches far beyond its own Play Store. Much like how the company scours the Web for its search engine, so does it also for APKs. This allows the company to not only build a database of unsafe apps quicker, but also allows it to learn of new techniques that rogue APKs are implementing. Again, this doesn't seem too different from MSE's basic functionality on Windows.
This app-scanning capability is disabled by default, only prompting you to enable it (if you want) the first time you install an out-of-store APK. Personally, this seems like something I'd like to keep enabled, because you just never know when a rogue APK or app could ruin your day.
Also coming in 4.2 is the addition of icons to the "Device Access" section of an app install screen. This will allow you to easier spot functionality you don't want any apps to have. This feature really, really should have existed long ago.