Security News > 2020 > February > Google Advises Android Developers to Encrypt App Data On Device
Google today published a blog post recommending mobile app developers to encrypt data that their apps generate on the users' devices, especially when they use unprotected external storage that's prone to hijacking.
The open-sourced Jetpack Security library lets Android app developers easily read and write encrypted files by following best security practices, including storing cryptographic keys and protecting files that may contain sensitive data, API keys, OAuth tokens.
To give a bit of context, Android offers developers two different ways to save app data.
To prevent such attacks, Android 10 ships with a feature called 'Scoped Storage' that sandboxes each app's data in the external storage as well, thereby limiting apps from accessing data saved by other apps on your device.
"In the app home directory, your app should encrypt data if your app handles sensitive information including but not limited to personally identifiable information, health records, financial details, or enterprise data."
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/fdFw8-vDNjs/android-app-data-encryption.html
Related news
- Google Bans 158,000 Malicious Android App Developer Accounts in 2024 (source)
- Google blocked 2.36 million risky Android apps from Play Store in 2024 (source)
- Google fixes Android kernel zero-day exploited in attacks (source)
- Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 (source)
- Google patches odd Android kernel security bug amid signs of targeted exploitation (source)
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)