I just sent you a PM with a little more detail, but I figured I'd post the bulk of it here as others may be interested...
I own a company that does app and software development. We work with a lot of startups and early-stage companies, so we run into these questions a lot.
The first thing we always do is sign an NDA with the potential client -- that way they're legally protected against us "stealing" the idea. The truth is, developers aren't in the business of running businesses; we're in the business of developing software for other people to run it. We're working on so many things at once that the thought of dropping all of that billable work for a stolen internal project that would require a massive amount of work beyond just the development and that would never guarantee revenue is not an enticing one by any means.
As far as pricing goes, the first step is to spec out the project and come up with an estimate for the number of hours it will take to complete, plus a margin for iterations and additions. As far as payment goes, we usually do it the traditional way -- billing monthly for the hours worked until the project is completed. For any ongoing improvements/fixes we just bill hourly as needed by the client.
I can tell you that, from experience, giving a guaranteed total price before the project start is a really bad idea for both the developer and the client. Clients ALWAYS want changes once they get to actually interact with the first version of the software, and the relationships usually end up going something like this:
DEVELOPER: Well, this is going to end up costing more than we told you because you want all these changes.
CLIENT: Yes but these changes are needed and it's unreasonable for you to charge more for it.
DEVELOPER: The software works as you requested...this stuff is new. We need to charge for it.
CLIENT: That's ridiculous -- you should've known that we would need this. You're the expert.
...and then everyone is angry at each other. If the potential client demanded a guaranteed price contract up front I'd either grossly inflate the price to make sure that I'm protected or not take the project at all.
We've also done more creative pricing where we did a reduced development cost and a revenue-share on the backend, but it's rare for developers to agree to that because there's just too much uncertainty.