Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Which of the methods of turning on Data Protection on iOS are necessary?

I'm interested in using data protection in my iOS app. There seem to be three places I can do this:

  1. In the App ID in the developer centre.
  2. In the entitlements plist
  3. By using [-NSFileManager setAttributesOfItemAtPath:error:]

I've read the documentation that I can find, but none of it tells me which of these I need to do. If I do 1, does that turn it on for the whole app? Can I do 3 without doing 1? Do I need to do 2 at all?

like image 779
Simon Avatar asked Oct 16 '13 10:10

Simon


People also ask

What is Data Protection in iOS?

Data protection is an iOS feature that you use to secure your app's files and prevent unauthorized access to them. Data protection is enabled automatically when the user sets an active passcode for the device. You read and write your files normally, but the system encrypts and decrypts your content behind the scenes.

How can you provide security in your app especially for sensitive data iOS?

If you need to store sensitive data, use Keychain Services. Unlike UserDefaults, the data stored in the keychain is automatically encrypted. With the keychain, you don't need to save encryption keys. Every application has its own isolated keychain section that other applications can't access.


1 Answers

I've had the following answers from Apple:

If I do 1, does that turn it on for the whole app?

Yes. It becomes the default data protection for all file system objects your app creates.

Can I do 3 without doing 1?

Yes. This is useful if you want protect just one file.

You can also do 1 and 3, that is, use 1 to set the default and 3 to override that default for certain files.

Do I need to do 2 at all?

No. Once you do 1, the value ends up in your provisioning profile, which is then merged into your code signing entitlements at build time.

like image 116
Simon Avatar answered Oct 05 '22 22:10

Simon