You mentioned Apple & Google remotely installing something, so the only logical conclusion is that you're talking about Exposure Notifications (which btw are opt-in, not opt-out, so remotely installed is a mischaracterization here). If someone built their own solution and put it on the app store, then it doesn't really have much to do at all with Apple or Google outside of being distributed on their platforms, and certainly would never be remotely installed (at least on Apple platforms... I have no idea what Oppo might do in China for example, but whatever they'd be doing would likely be because some country law dictated it).