This is from Apple docs:
When you design a game that reports scores to Game Center, you should also consider the security needs of your game. You want scores reported to Game Center to be an accurate accounting of how players are doing. Here are two suggestions:
Store your game’s preferences and saved games in a secure format, rather than in clear text. If your game’s data is stored in clear text, a player can download the saved game data using iTunes, modify it, and resync it back to the device. This may allow the player to achieve a higher score than you intended. Always set reasonable minimum and maximum values for a leaderboard.
I know that data can be stored into .plist file or .xml or .json, even in a database. But all of that is non-encrypted plain text. What is considered as a secure format ? And what else methods/classes/techniques can be used to store sensitive data ?
If a hacker is determined enough and has the proper skill set, your stored data can be usually compromised regardless of storage method. It boils down to what your app's real-world applications are and the time and effort you are willing to put into keeping the data safe. Below are some options for you to consider:
NSUserDefaults
One of the most common and simplest ways to store data. Data is not encrypted.
Save string to the NSUserDefaults?
Plist Files
Also a common way to store data. Data is not encrypted.
Storing and Retrieving from a Plist
CoreData
Creates a model, manage relationship between different types of objects. By default, data is not encrypted.
http://www.appcoda.com/introduction-to-core-data/
http://www.raywenderlich.com/85578/first-core-data-app-using-swift
Keychain
Arguably the most secure way to store data on a non-jailbroken device. Data is encrypted.
https://stackoverflow.com/questions/16459879/how-to-store-a-string-in-keychain-ios
NSCoding
As Whirlwind pointed out, this is yet another storage method.
http://www.raywenderlich.com/1914/nscoding-tutorial-for-ios-how-to-save-your-app-data
http://nshipster.com/nscoding/
CommonCrypto Apple Framework
Low-level C coding. Data is encrypted.
https://developer.apple.com/library/ios/documentation/Security/Conceptual/cryptoservices/GeneralPurposeCrypto/GeneralPurposeCrypto.html
https://developer.apple.com/library/ios/samplecode/CryptoExercise/Listings/ReadMe_txt.html
Custom approaches
Store the data in the cloud thereby eliminate having it on the device altogether. Use the touch ID feature to authenticate the user and download the cloud data.
http://code.tutsplus.com/tutorials/ios-8-integrating-touch-id--cms-21949
https://developer.apple.com/library/ios/samplecode/KeychainTouchID/Introduction/Intro.html
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With