Does anyone know what the most secure way to store sensitive information in an application is? Because using internal storage and shared preferences is vulnerable if the person who wants that information has a rooted phone.

The case is that I have some kind of activation code which needs to be stored somewhere inside the phone (not on the server) for further communication and authentication with the server side; that code needs to be secured and not available to other apps and users, even on a rooted phone. Also, the user cannot be bothered with additional verification (he enters the PIN code when he enters the application and sends that code to the server side for authentication).

Bottom line, is there a secure way to store something and to be secure that it will remain hidden, even on a rooted phone?

Freedom_Ben
k7svn
  • I recently had the same question, and the answer I came up with was that there is no way to keep data totally secure with 100% reliability. It's better to protect your app server side. That being said, there is [this thread](http://stackoverflow.com/questions/1925486/android-storing-username-and-password) that talks about a couple solutions. [AccountManager](http://developer.android.com/reference/android/accounts/AccountManager.html) looks intriguing also. – Christopher Gillis Jun 14 '13 at 12:26
  • The best shot you have is storing serialized objects and encrypting them... This is the best solution I found. – ChristopheCVB Jun 14 '13 at 12:28
  • @ChristopheCVB: That is at best a speed bump. Anything involving encryption, where both the key and algorithm are part of the app, can be reverse-engineered easily enough. – CommonsWare Jun 14 '13 at 12:30
  • @CommonsWare: Yes, for sure... But the decrypt key can be downloaded from the cloud. But anyway, it remains a speed bump. Do you know a better solution, because I'm very interested :D – ChristopheCVB Jun 14 '13 at 12:35
  • @ChristopheCVB: If you want to defend *the user's* data against attackers, that's where crypto can be useful. What the OP is asking for is DRM, and there are two basic types of DRM: the ones that have been cracked, and the ones that nobody has bothered trying to crack. – CommonsWare Jun 14 '13 at 12:40
  • @CommonsWare: I love your answer ;) – ChristopheCVB Jun 14 '13 at 12:42

1 Answer

Unfortunately the commenters are correct. There is no way to guarantee with 100% security that the activation code can't be hacked. Microsoft has spent millions of dollars on this, and there are still pirated copies of Windows out there, because at the end of the day you have no control of the code on the client. If you endow the client with the ability to decrypt or otherwise access this stored authentication code (without needing to go to the server), then someone can reverse engineer the app to undo your protection. This is true even if you retrieve a decrypt key from the server.

The best way to do this depends on your use case, but here are some ideas:

  1. Have the client submit the "activation code" to the server, where you can blacklist it if you think it's stolen. This is how Windows works. This is the only option you have if you want to use an activation code and not bother the user.

  2. Have the user register an account and have the app resubmit the user's credentials each time it runs. This way you have a user account to deactivate if you suspect piracy.

  3. Have the server provide the decrypt key. This does not guarantee that the activation code stays safe, but it does up the bar for potential reverse engineers.

  4. Drop the whole DRM idea completely, and focus your attention on making a good product. Studies that music companies have done have shown that dropping the DRM makes no difference in the number of people who buy your product.

Freedom_Ben
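
Option 1 from the answer above, sketched as server-side code. This is an added example, not code from the answer's author: the `install_id` parameter, the `max_installs` threshold used as the "looks stolen" heuristic, and the in-memory storage are all assumptions made for illustration.

```python
import hashlib
import hmac


class ActivationRegistry:
    """Server-side record of issued activation codes (hypothetical design)."""

    def __init__(self, server_key: bytes, max_installs: int = 3):
        self._key = server_key
        self._max_installs = max_installs  # assumed threshold for "looks stolen"
        self._installs = {}                # code tag -> set of install IDs seen
        self._revoked = set()              # tags of blacklisted codes

    def _tag(self, code: str) -> bytes:
        # Store only a keyed hash, so a database leak does not expose raw codes.
        return hmac.new(self._key, code.encode(), hashlib.sha256).digest()

    def issue(self, code: str) -> None:
        self._installs.setdefault(self._tag(code), set())

    def revoke(self, code: str) -> None:
        # Manual blacklist, e.g. after a code shows up on a sharing site.
        self._revoked.add(self._tag(code))

    def check(self, code: str, install_id: str) -> str:
        """Return 'ok', 'revoked' or 'unknown' for a code sent by a client."""
        tag = self._tag(code)
        if tag not in self._installs:
            return "unknown"
        if tag in self._revoked:
            return "revoked"
        seen = self._installs[tag]
        seen.add(install_id)
        # Heuristic (assumption): one code on too many installs was copied.
        if len(seen) > self._max_installs:
            self._revoked.add(tag)
            return "revoked"
        return "ok"


if __name__ == "__main__":
    # Constructed sample data: one code, used from three different installs.
    registry = ActivationRegistry(b"constructed-demo-key", max_installs=2)
    registry.issue("ABCD-1234")
    for install in ("install-a", "install-b", "install-a", "install-c"):
        print(install, registry.check("ABCD-1234", install))
```

The client still holds the code in storage a rooted user can read; what the server gains is the ability to stop honouring a copied code.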