It's clear that sensitive information shouldn't be stored in clear text and great care must be taken to store the data securely.

Try to avoid storing sensitive data on the device and store it at the server side. If you cannot avoid it, usage of strong encryption algorithms should be considered to encrypt the data. There are libraries available for encrypting your data when you save it on the device.

Secure Preferences is one such library that can be used to encrypt data in shared preferences. This can be found at the following link https://github.com/scottyab/secure-preferences.

SQLCipher is an option for encrypting SQLite databases. SQLCipher can be found at the following link https://www.zetetic.net/sqlcipher/sqlcipher-for-android/