They verify that the app preforms what it is supposed to be doing and doesn't negatively impact the device.
A code scanner will be run that examines the system calls and makes sure that it isn't using internal/undocumented APIs that may cause the app to fail when the operating system is updated.
And yes, this is done for every app and every update. Free and paid. Yes, it requires a crazy amount of manpower.
This is also something that introduces a human component to the review process - it is possible to get someone who misinterprets how the app is working or how a particular rule is applied to the review of the app and human mistakes can be made.
The Apple code scanner is buggy. I had an app rejected for an alleged call to an internal API that the app does not actually call. I had to appeal to the app review board, who approved my build, but it delayed a critical bug fix.
Friends have seen the same problem, with different bogus API violations reported.
A code scanner will be run that examines the system calls and makes sure that it isn't using internal/undocumented APIs that may cause the app to fail when the operating system is updated.
And yes, this is done for every app and every update. Free and paid. Yes, it requires a crazy amount of manpower.
This is also something that introduces a human component to the review process - it is possible to get someone who misinterprets how the app is working or how a particular rule is applied to the review of the app and human mistakes can be made.