This is interesting because it's essentially the same security model as the web.
Your app runs in a controlled environment, and it has the option to nest another app (on the web, in an iframe) which it can send messages to, but can't affect the code or UI of.
The fact that the UI cannot be manipulated by the nesting app, is crucial, since it allows the security model to tie certain user actions, like pressing dial, to certain actions, like making a phone call.
Your app runs in a controlled environment, and it has the option to nest another app (on the web, in an iframe) which it can send messages to, but can't affect the code or UI of.
The fact that the UI cannot be manipulated by the nesting app, is crucial, since it allows the security model to tie certain user actions, like pressing dial, to certain actions, like making a phone call.