In an interview with Computerworld.com, Hiroshi Lockheimer, Google vice president of Android engineering, said the scanning service has been in action "a number of months."
"The interesting thing is that no one really noticed," he said. "It didn't disrupt the end user's experience [in the Android Market] or disrupt the developers. They didn't have to think about it at all."
When an app is uploaded to Google by its developer but before it's placed in the Android Market, Bouncer scans the code for known malware, including spyware and Trojan horses, and looks for behaviors that match apps that the company has previously decided are unacceptable, he said.
Some apps that flag concern are immediately denied entrance to the Android Market while others are flagged for human review, he said.
Bouncer also uses a simulator that runs each app as if it was on an actual Android phone, Lockheimer said.
"We can observe the application for hidden behavior, and then flag it for review if it's questionable," he said.
Lockheimer said Bouncer was not a reaction to any single security incident. There have been two recent high-profile incidents of malware in the Android Market reported.
"Bouncer wasn't in response to any one thing," he said. "Security is important to Android, that's always been a theme of ours."