Originally signature is designed to confirm integrity of an app. I believe we can name it passive integrity protection. In the real world the signature doesn't make any sense and you know why: if the application doesn't have any active integrity protection technique applied - resigning of an application with your own certificate is a matter of minutes. In this video we were trying to resign an application that is protected by DexProtector (only Class Encryption is turned on) with a different certificate and had no luck :-D
Want to know how to protect your applications from AntiLVL and reverse engineers? How to save it from being pirated or cloned? You might use DexProtector (http://dexprotector.com), best of breed protector and obfuscator for Android applications. It works straight with APKs, thus there is no need in any complicated integration with your build process. http://www.slideshare.net/IvanKinash/english-final-35690515