Hi everybody, I am working on a project that requires to store sensitive data on an android mobile phone. Up to now, it seems that the suitable place to store that data is the private folder that is owned by the application. However, in a rooted phone this folder can be accessed easily.
Other alternative is related to encryption. Again, the point is where to store the corresponding key. The security API of android provides a keystore class that can contain cryptographic keys. Does anybody knows where this file is stored?, is it necessary to create a keystore for each application that required it? and how secure is the access to the information in this file by unauthorized applications?. Any idea or suggestions will be welcome! thanks -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
