Best IT Recipes

Best way to protect data sensitive to Android apps?

Yes, this is a pretty general question, but I'm trying to figure out how best to handle the application, which concerns the database with a web server that distributes sensitive data in the application. Any links, general information, etc. Will be appreciated.

Since the application will store persistent data received from the database for a certain time, everything becomes somewhat touchy.

+59
android security
Nov 18 '11 at 15:05
source share
5 answers

Store sensitive data on the device

It really depends on your audience. Typically, Android OS prohibits applications from accessing other files (i.e. Databases, preference files, regular files stored in the application’s private folder) through verified Linux file permissions. However, on root devices, an application can gain root access and read everything. A few things to think about:

  • If you know that your users will not have root (for example, if you do not distribute the application through the Android Market, but only in your company or something like that), you can simply rely on security based on the Android file system.
  • If the user gets root access, he will be very careful what application he gives, what privilege
  • If the application gains root access, it can lead to great devastation. The information in your application may be the least dangerous for the user.
  • Roots lead to zero warranty. Including in applications. You cannot be held responsible for leaking root phone information.

In conclusion, if your information is not sensitive to super-duper (for example, credit card information), I would suggest that you simply adhere to the standard security provided by Android (i.e. save everything in text form, knowing that other applications cannot receive access she).

Otherwise, encryption is the way to go. It's not 100% safe (a hacker can decompile your application and figure out how to decrypt the data), but it's a big pain to crack and stop most hackers. Especially if you confuse your code with something like ProGuard .



Transfer confidential data from the server to the device

You have several options. First of all, always use HTTPS. After enabling HTTPS, here are two additional security measures that I would suggest:

  • Use the API key system. Include this API key in all your requests and check it on the server side before sending a response. Remember that since you are using HTTPS, an attacker cannot simply use a network sniffer to find out your API key. However, it is quite easy to understand if someone is decompiling your application, so you can confuse it even more (besides using ProGuard). For example, you can leave the API key broken into pieces around your code (for example, as static members in two or three classes). Then, when you submit the request, you simply combine all these parts. You can even apply some other conversions (such as bit offsets) to make it even harder to figure out from the decompiled code.
  • You can generate a key every time you send a request. This key will be generated using some logic that you only know so that you can implement it both on the client side and on the server side. For example, a query may include the following parameters:
    time=1321802432&key=[generated-key]
    where generated-key generated from the time parameter. For example: md5(time + salt) . When the server receives this request, it can perform two functions:
    • Make sure that the key really equal to md5(time + salt) (note that only the client and server know the salt and can be confused similarly to the above API key) and
    • Make sure that time not too far back (for example, if more than 1-2 minutes have passed, consider the request to be invalid).

The second method is more useful if you also perform simple HTTP requests, where everyone can see the parameters sent. In addition, it is much more difficult to deal with decompiled code. Especially if you have extended the key calculation logic to several classes.

However , note that nothing allows you to hack your application. You can neutralize as much as you want, if the hacker is really determined to receive your data, he can do it by decompiling your application and spending many sleepless nights passing through your code and finding out how requests are generated. The only real way to protect your data is to ask your user to enter a password, in addition to doing all the work that I wrote about above. You cannot get a password that exists only from someone (user) from the decompiled code :).

+85
Nov 18 2018-11-11T00:
source share

(appeared here thanks to a Google search)

I’ve been dealing with this issue a lot lately, and this page has come a lot thanks to Google and Bing searches. The widely accepted procedure for securely storing data on a device is to use a strong encryption algorithm such as AES. A more complex question: “AES requires a secure key. What do you do with the key?”

Google recently announced a cloud-based solution for storing applications, so you might consider storing the key there if the situation allows. Otherwise, it seems that it is better to get the key outside the device, for example, on the server. If you can try the user in a PIN code, this will work best. You can derive passwords to save the password, and you can repeat the output to confirm the password.

Without the “punching user into PIN" part, I did not find many good answers to this question. However, DO NOT REQUIRE AN ENCRYPTION KEY IF YOU SHOULD STORE ONE WITH THE APPLICATION. At a minimum, generate a key using a secure password generator and / or derivation function such as PBKDF2 (password derivation derivative 2).

If I read the messages correctly, Google said that one of the approaches is to generate a key after launching the application for the first time, save the key via the MODE_PRIVATE flag for many file I / O operations and use this as a key. You can also get other keys based on this master key, and NIST actually offers something along these lines.

To trust the master key method, I will leave it to you. This key will be displayed on the root device. I also admit that I am still investigating the problem.

+8
Apr 05 '13 at 18:43
source share

To use SSL on HTTPS to transfer data instead of HTTP, you need to configure certificates on a web server, not very sure how this works.

If you are really concerned about the data, then encrypt it using a unique algorithm before sending and decrypting it when it reaches the application. I think that’s all about it .. If you don’t need something really strong, then create your own TCP protocol and / or use a different port. Maybe this will help

http://en.wikipedia.org/wiki/Secure_Sockets_Layer http://developer.android.com/reference/javax/net/ssl/package-summary.html http://blog.synyx.de/2010/06/ android-and-self-signed-ssl-certificates /

Regarding the storage of data in the application, you can encrypt the data before storage, or you can use a different format than SQLite for better security, since you can easily view sqlite databases using a browser.

If the phone is not rooted, there should be no way to extract data from it.

+1
Nov 18 '11 at 3:19
source share

If you want to pretty much guarantee that the user cannot see the data except by looking at your application, then encryption is really the only way. Even “secure” storage is available to the user if the device is rooted. Even encryption is not completely secure, since you need to decrypt the data at some point in order to display it. You discourage a random browser, but not a specific hacker.

0
Nov 18 2018-11-11T00
source share

Each Android application runs in a secure sandbox environment, so other processes in the system cannot access your code or personal data without proper confirmation. But still there are many vulnerabilities that can be caused by poor application design. This link from the Android developer site advises you some useful safety tips - https://developer.android.com/training/articles/security-tips.html

0
Sep 20 '17 at 18:47
source share


More articles:


All Articles