Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Is there a way to securely store user data on an Android device?

Tags:

java

android

security

I'm writing an application wherein users will sometimes make orders through it. I want to give users the option to save their billing info (name, address, etc.) so that it can be quickly restored later if they want to make another order. The user will enter a password to secure the data.

Obviously I can't just put this as a file on the device, as anyone can root/find the data. Is there a built-in Android method for storing secure data that is locked with a password? If not, what is a good place to start for storing this data securely using Java?

Edit: To clarify, when I say that the user will enter a password, I don't mean that I've come up with a way to secure the data yet. I'm just trying to convey the method with which the user will secure the data on their end; now I'm trying to figure out how to keep my end of the bargain. :)

like image 475
Dan Lew Avatar asked Apr 09 '10 13:04

Dan Lew

2 Answers

You could use the included javax.crypto classes to encrypt any sensitive information.

You can view the source code of the Secrets for Android application for some examples.

Secrets for Android is an application to securely store and manage passwords and secrets on your Android phone. It uses techniques like strong encryption and auto-logout to help ensure that your secrets remain safe (assuming you use a good master password!). Context-sensitive tips guide you along through its operation, making it easy to use.

like image 137
Steve Avatar answered Nov 13 '22 07:11

Steve

Obviously I can't just put this as a file on the device, as anyone can root/find the data.

True, but if you allow the user to define a password for the backup file, somebody who stole the file would still need to crack the encryption. They can find out the algorithm you're using, but not the password.

Is there a built-in Android method for storing secure data that is locked with a password?

Android itself does not offer an encrypted file store. You can encrypt files yourself, which is what I assumed you were doing when you wrote that the "user will enter a password to secure the data".

like image 23
CommonsWare Avatar answered Nov 13 '22 06:11

CommonsWare
Sign in to Comment

Related questions

What's the best way to persist data in a Java Desktop Application?
From C Source to Java Bytecode? [closed]
How to access static members in a Velocity template?
Setting up ehcache replication - what multicast settings do I need?
How to track task execution statistics using an ExecutorService?
Sending email such that "from" is a name or text rather than real email address
get possible instance/type of object
How do I determine which monitor a Swing mouse event occurs in?
Tagging Interfaces in Java
Java - where and how should exceptions be used?
What are the c# equivalents of of Java's getClass(), isAssignableFrom(), etc.?
Java based web framework alternatives
Render html in Swing application
Java Collections.sort - help me remove the unchecked warning
Value from last inserted row in DB [duplicate]
Java -jar : access external configuration file
Limitation in Java HttpUrlConnection getting content length
Need help returning object in thread run method
Replace the first letter of a String in Java?
Any reason not to always log stack traces?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!