I'm creating a native application , where I used to save some values in my shared Preferences. But saving values to shared preferences seems to be insecure of security reasons. How can we provide security to values stored in shared Preferences? The penetration testing team can easily access the values stored in the shared preferences. How can we restrain them from accessing the shared preferences?
Asked
Active
Viewed 206 times
1
I'm Coder
- 125
- 2
- 13
-
Security against what? – 1615903 Jun 07 '22 at 08:57
-
@1615903 - The penetration testing team can easily access the values stored in the shared preferences. How can we restrain them from accessing the shared preferences? – I'm Coder Jun 07 '22 at 08:59
-
`The penetration testing team` How does a penetration testing team do that? – blackapps Jun 07 '22 at 09:01
-
Have a look at EncryptedSharedPreferences on https://developer.android.com/topic/security/data – memres Jun 07 '22 at 09:01
-
@blackapps - they used rooted device to access the shared preferences. – I'm Coder Jun 07 '22 at 09:02
-
1well i guess the question would be what are you storing on the device that needs to be so secure that the owner of the device shouldn't even access it ? – a_local_nobody Jun 07 '22 at 09:15
-
@a_local_nobody- yes. exactly!! – I'm Coder Jun 07 '22 at 09:22
1 Answers
1
they used rooted device to access the shared preferences
There is no form of storage that is safe against somebody who roots the device. If you have data that rooted device owners cannot have access to, do not have that data on the device — keep it on your server.
CommonsWare
- 986,068
- 189
- 2,389
- 2,491
-
In my case, I'm using MSAL ADb2C as login for native android, which itself saving values in shared Preferences, which I have no control in it. – I'm Coder Jun 07 '22 at 10:52
-