Most secure way to store strings and use for later

Question

I am developing an app where I need to store two strings for later use . I used sharedpreferences for that . But later I found that this is not secure enough . For rooted phones it is very easy to get the preferences and there are other processes too . I'm finding a secure way to store these two strings so that any app can't access those even if the phone is rooted . These strings will to totally invisible to other apps .

You need to define what kind of attack you try to protect against. If the attacker is the phone's user, then even if the phone is not rooted, there is little hope. If you try to protected against other apps, even when the phone is rooted, then it may be a good idea to use the KeyStore indeed. — Toluene, Oct 03 '18 at 14:04

score 2 · Accepted Answer · answered Oct 01 '18 at 12:32

2

I would look into the Android Keystore Subsystem for that. Normally you would use the Keystore to store a symmetric key and then use that stored key with AES (or something similar) to encrypt/decrypt the data.

answered Oct 01 '18 at 12:32

Andreas Happe

316
1
4

Most secure way to store strings and use for later

1 Answers1