Skip to content

Google adds protection to Android with Jetpack Security

Keeping in mind the needs of developers who have shared storage, Google recently released a crypto library as part of the Jetpack Security that encrypts data in the app.

The crypto library provides abstractions for encrypting Files and SharedPreferences objects, using which you can locally store the files that might contain sensitive data such as API keys, OAuth tokens, among others.

Need for an extra protection

Google, since Android 5.0 has been providing encryption to user’s data by default. However, there are certain cases where you might need additional security, primarily when you use shared storage.

Jetpack uses a master key that stores all the subkeys that are used in each encryption and stores it in the AndroidKeyStore. AndroidKeyStore acts as a container which stores the keys in the form of TEE or StrongBox, making it hard for an unauthorised person to steal. For apps that store extra sensitive data, you can use keys with a BiometricPrompt to add additional security and privacy.

Encrypt Files

Jetpack security divides the data into bits and is encrypted via Streaming AEAD, which cannot be arranged in order. EncryptedFile class is similar to File and provides two object streams — FileInputStream for reading and FileOutputStream for writing.

Encrypt SharedPreferences

This class can be used to save key pair values such as API keys. The keys are stored using AES256-SIV-CMAC, and the values are encrypted using the AES256-GCM, which are bound to the encrypted key. This structure allows the data to be stored safely while still allowing for lookups.

Developers can access FileLocker, a sample app on Android Security GitHub page, which implements file and shared preference security based on Jetpack Security.

In the news: Netflix app will now show Top 10 lists for movies and series

Hello There!

If you like what you read, please support our publication by sharing it with your friends, family and colleagues. We're an ad-supported publication. So, if you're running an Adblocker, we humbly request you to whitelist us.

Share on facebook
Share on whatsapp
Share on twitter
Share on reddit
Share on linkedin
Share on pocket
Share on pinterest
Share on telegram
Share on stumbleupon
Share on digg
Share on tumblr
Share on email
Share on skype
Share on xing
Share on vk
Share on odnoklassniki
Share on mix