2010/12/22, BobMcCormick <[email protected]>: > What kind of sensitive data is it? The idea is to store an identifier or credential that allows to authenticate someone. Thus, the information should be known neither by the phone user, malware nor third parties.
Now the question is: how to make possible to keep such a "secret" secure inside the phone?, how to prevent that this information can be copied and used by an illegitimate user? Up to now, I consider the private folder of the application a suitable place for this task. However, the fact that the user cannot obtain direct access to it, does not mean that it is not vulnerable to being copied or accessed by a privileged user. If someone has ideas, welcome! -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
