I want to save some client side ids and codes that no body should reach them. Ids like ClientId and ClientSecretId that uses for authentication system.
So I did some search and just found some modified shared preferences like (Secure-preferences ) but it doesn't make data unreachable especially when user has root access.
is there any safe storage or something like that in android?
for example, where does screen lock's pin code save that nobody can't find that even with root access?
thanks
As far as i know there is no such kind of storage that you are looking for in android if i am not wrong. But you can do one thing, You can encrypt your id's and then save it within your database ... in that way even if user finds the saved file he wont be able to decrypt that easily and furthermore you can place that encrypted file in a restricted area of the filesystem where a normal user can’t access it.
Android stores the screen lock's pin code pattern in a special file called gesture.key in /data/system/. As storing the pattern in plain text wouldn’t be very save, Android only stores an unsalted SHA1-hashsum of this pattern. Accordingly, our pattern is stored as c8c0b24a15dc8bbfd411427973574695230458f0.
