All geek questions in one place

What are the options for storing sensitive data on mobile phones?

I am going to develop an application for ios and android using phonegap and sencha touch. The application will store confidential data (personal data), so they need to be protected. As far as I read, sencha and phonegap do not have encryption libraries. Ideally, I would like to password protect the sql lite database, but I cannot find any mention of whether this is possible.

The only option I found is to do encryption on the fly using javascript, is this the only option? Has anyone else done this? I'm curious how quickly the application would be applied if it had to encrypt / decrypt everything on the fly.

+4
source share
2 answers

Yes, as far as I know, there is no encryption mechanism provided by either sencha or telephone, you need to do encryption on the fly ...

0
source

LocalStorage is encrypted and unavailable after closing the application. This way you can use SJCL to encrypt your local storage for runtime.

It is best to work with Oauth and request reasonable data when you need it.

But this is not a Javascript issue. When a person has an application, a phone and access to your code, this can happen with Android applications.

You can maximize protection using whitelisting and https. After you create an application for release (not debugging), the data is saved in the same way as files.

Can you tell screnario where you need extra protection?

The worst case would be a thief

  • has a phone
  • launches the application
  • can add script to application to retrieve data
0
source

Source: https://habr.com/ru/post/1442021/

More articles:


All Articles