As indicated here, Mozilla offers several payment models, particularly:

• prepaid apps, paid by the user at download time, and;
• in-app payments, paid on demand, after the user has downloaded the application.

Pre-Paid App

you don't want to bother adding code for payment? then just tell Mozilla your app is a "paid app".  Mozilla will take care of all the rest.

What is the risk?
The same as for counterfeit money.  Even if Firefox did its best for making your app installable only from the Marketplace, you are never 100% sure.  1) the buyer may ask for an immediate refund; or, 2) a nasty hacker may use the manifest from your site.

Checking that your paid-app has effectively been paid is not so complex.  Jump to Managing Pre-Paid App for details, and examples of working implementations.

In-App Payment

The process is more complicated, because it is your app that originates the request from the user's mobile phone.  Encryption is required to insure the validity of the exchange, avoiding most man-in-the-middle attacks.

Although in-app payment has several advantages: your app could be installed for free so that your potential users get some feed-back of what it is about.  Then you add optionals — paid — features "à la carte".  You could even foresee a mix of the two: a minimal fee to install the app, and more to extend it.

In the section Processing In-app payment, I describe the process in details, with all source code attached in the hope that it will make you implement "in-app" payment in just a couple of hours.