0
Hello, I am developing an Android app and Iphone that will store various sensitive information of my customers in the mobile database. My question is being in what is the best way to protect this data:
- I know it is possible to encrypt the local database of the application, however, if someone in possession of the cell phone login as root will be able to obtain the database and through decompilation of APK is possible to extract the key I used in the encryption and have access to the data.
- My second option is to use Android’s own native encryption or Iphone and encrypt the entire device.
I confess that I am tending more towards the second option, because the first does not seem very effective. Does anyone have a better idea or knows the right way to do it?
Unfortunately the application cannot depend on internet to work, so I have no way to escape from storing the data locally.
– Jônatas Trabuco Belotti
Then follow with the same second option. It will be the ideal for your project.
– Jadiel Santana