Hiding the Key

One of the most fundamental decisions that you’re going to face as a mobile developer is what encryption to use to hide sensitive information and whether you’re going to leave the information on the phone or not.

In this section we’re going to look at a number of different ways that other developers have tried to solve this problem. These examples come from real-world Android apps that we’ve audited over the years. They each get progressively better at hiding an encryption key for the database itself or for fields in the database, such as the password.

Security on Android is almost always a battle between security and ease of use. App developers want to make it easy for people to use, and they don’t think it’s a good idea to make ...

Get Bulletproof Android™: Practical Advice for Building Secure Apps now with the O’Reilly learning platform.
