I created a Phonegap / Cordova Android application that uses cookies, for example. for session authentication / automatic login. During the security check, there were concerns that if an attacker could take possession of the phone, he might read out cookies and hijack a user session.
Is there a way to programmatically encrypt device storage or prevent access to cookies using Android 4.0 and above? I would prefer (but not push) a solution that integrates seamlessly with Phonegap / Cordova.
source
share