Is Card Data Encrypted In The App?

[TheLastProject]

Issue by trymeouteh
Wednesday Dec 12, 2018 at 21:31 GMT
Originally opened as brarcher/loyalty-card-locker#284

---

Is the card data readable by other apps or is it encrypted to ensure third part apps and malware cannot obtain the card data?

If this is not the case I would like suggest to have the app data encrypted.

[TheLastProject]

Comment by brarcher
Thursday Dec 13, 2018 at 04:27 GMT

---

Card data is not encrypted at rest. Instead, it uses internal app storage. The Android protection model for this is that only the specific app is allowed to access that data.

[TheLastProject]

Comment by trymeouteh
Friday Dec 21, 2018 at 03:18 GMT

---

Wouldn't be more secure and safer to encrypt the app data? The app could store gift cards which have some value like money.

[TheLastProject]

Comment by brarcher
Monday Dec 24, 2018 at 22:15 GMT

---

It would be safer, for those Android devices that support a Trusted Execution Environment for Keystore. At this time I will not be working on that, however if someone were interested in contributing the needed changes I'd be glad to review them.

[TheLastProject]

I'm closing this issue because unless you rooted your device, Android's app model already prevents this data from being accessed from other apps.