0

As we all know Android app apk file can be drilled down to get the Java codes and resources. The sensitive data used to populate lets say list view used as arrays in Java files can be easily hacked.

What are the secure ways to do it?

I guess downloading XML or JSON file from the internet and using in app? Or there any other techniques?

Thanks in advance.

coder
  • 8,346
  • 16
  • 39
  • 53
Bishwash
  • 854
  • 1
  • 9
  • 22
  • 1
    google is your friend, please do some research first at the very least... https://developer.android.com/training/articles/keystore – WilomGfx Jul 15 '18 at 03:07
  • 2
    Data used to populate a list view is publicly visible anyway - what sort of data are you concerned about exposing? – Simon MᶜKenzie Jul 15 '18 at 03:08
  • @WilomGfx Its not about keystore, I want to compare between data stored in arrays vs other techniques i.e external xml, json files stored in remote server – Bishwash Jul 15 '18 at 03:16
  • @SimonMᶜKenzie : It does not necessarily needs to be visible all the data in listview. For instance http links of some songs. – Bishwash Jul 15 '18 at 03:18
  • You answered the question yourself: if you have sensitive data, you DON'T hardcode that data into the app. Instead you obtain it from a different source (in most cases a web service that uses industry standard encryption). – Janus Varmarken Jul 15 '18 at 05:46
  • Somebody can always build his own client to fetch all the data from the server. The app shows how to get access. – Henry Jul 15 '18 at 06:25
  • @JanusVarmarken, Henry : Well, that was my wild guess. I expect some professional confirm this with formal resources. – Bishwash Jul 15 '18 at 14:12
  • @Henry after a research i found fetching from server can also be tracked by monitoring http requests it sends from mobile device – Bishwash Jul 21 '18 at 10:36
  • Normally you would not use http for anything sensitive. Always use https. – Henry Jul 22 '18 at 15:43

0 Answers0