Security News > 2020 > February > Google Advises Android Developers to Encrypt App Data On Device

Google Advises Android Developers to Encrypt App Data On Device
2020-02-26 04:34

Google today published a blog post recommending mobile app developers to encrypt data that their apps generate on the users' devices, especially when they use unprotected external storage that's prone to hijacking.

The open-sourced Jetpack Security library lets Android app developers easily read and write encrypted files by following best security practices, including storing cryptographic keys and protecting files that may contain sensitive data, API keys, OAuth tokens.

To give a bit of context, Android offers developers two different ways to save app data.

To prevent such attacks, Android 10 ships with a feature called 'Scoped Storage' that sandboxes each app's data in the external storage as well, thereby limiting apps from accessing data saved by other apps on your device.

"In the app home directory, your app should encrypt data if your app handles sensitive information including but not limited to personally identifiable information, health records, financial details, or enterprise data."


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/fdFw8-vDNjs/android-app-data-encryption.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 102 256 4320 4678 741 9995