Question

I need to protect some data on my Android app. On iOS i can enable data protection and use encryption to save my files. Is there something similar for Android?

My app needs to read and write some images and xmls to an external SD. These images need to be safe. Users should not be able to view these files from a file browser or copy them. These files should only be accessible by my application.

Was it helpful?

Solution

External storage, e.g., an SD card on Android devices has 'world-read' permission. In other words, any application can access any directory and any file.

If you wish to encrypt your own files and directories you can do this. To decrypt them and use them however, you will obviously need to embed the decryption key(s) in your application's APK.

Obviously if somebody reverse engineers your app then they have your key.

The decision is up to you. There is no file-system security on an SD card and even storing data to internal memory (which IS only available to your own app) isn't secure as a rooted device can access all areas of the internal memory.

OTHER TIPS

Anytime you're writing to the SDCard the users can see that they're there. You can encrypt them and hope that no one cares enough to break it but you take your chances. Also, you can't count on anything you put on the SDCard to persist since users can delete from there whatever they want. You could also choose to use internal storage but if you're saving a lot of data that can make your users angry since that is a limited amount. It's harder for users to get to unless they root their devices but then it's just as easy as an SDCard.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top