Security News > 2020 > February > Google Advises Android Developers to Encrypt App Data On Device
Google today published a blog post recommending mobile app developers to encrypt data that their apps generate on the users' devices, especially when they use unprotected external storage that's prone to hijacking.
The open-sourced Jetpack Security library lets Android app developers easily read and write encrypted files by following best security practices, including storing cryptographic keys and protecting files that may contain sensitive data, API keys, OAuth tokens.
To give a bit of context, Android offers developers two different ways to save app data.
To prevent such attacks, Android 10 ships with a feature called 'Scoped Storage' that sandboxes each app's data in the external storage as well, thereby limiting apps from accessing data saved by other apps on your device.
"In the app home directory, your app should encrypt data if your app handles sensitive information including but not limited to personally identifiable information, health records, financial details, or enterprise data."
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/fdFw8-vDNjs/android-app-data-encryption.html
Related news
- Google Gemini's Astra (screen sharing) rolls out on Android for some users (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities (source)
- Google adds Android auto-reboot to block forensic data extractions (source)
- Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers (source)
- Google fixes actively exploited FreeType flaw on Android (source)
- Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android (source)
- Google’s Advanced Protection Now on Android (source)
- Google strengthens secure enterprise access from BYOD Android devices (source)