In today’s world of devices, smart phones, tablets, and wearable devices, are widely used for communication, photography, entertainment, monitoring health status, and many more applications. Applications installed in the smartphones provide useful services, but they may maliciously send sensitive information to a remote location for various purposes. Due to the nature of open-source ecosystem, the usage of Android platform in mobile devices has grown significantly, and the security concerns have also increased manifold. Malware and software vulnerabilities issues violated end users’ security and privacy. This article discusses and analyzes the Android architecture and platform vulnerabilities along with threat models, and malware analysis techniques followed by a few security challenges and future research directions.