In the previous post on Android user data security, we looked at encrypting data via a user-supplied passcode. This tutorial will shift the focus to credential and key storage. I’ll begin by introducing account credentials and end with an example of protecting data using the KeyStore.
An app’s credibility today highly depends on how the user’s private data is managed. The Android stack has many powerful APIs surrounding credential and key storage, with specific features only available in certain versions. This short series will start off with a simple approach to get up and running by looking at the storage system and how to encrypt and store sensitive data via a user-supplied passcode. In the second tutorial, we will look at more complex ways of protecting keys and credentials.
In my previous article about secure coding in Swift, I discussed basic security vulnerabilities in Swift such as injection attacks. While injection attacks are common, there are other ways your app can be compromised. A common but sometimes-overlooked kind of vulnerability is race conditions.
From minimizing pointer use to strong type checking at compile time, Swift is a great language for secure development. But that means it’s tempting to forget about security altogether. There are still vulnerabilities, and Swift is also enticing to new developers who haven’t yet learned about security.
The main purpose of a digital signature is to verify the integrity of some information. For a simple example, let’s say you had a file that was transferred over the network and you want to check that the entire file was transferred correctly. In that case, you would use a checksum.
In this post, we’ll look at advanced uses of encryption for user data in iOS apps. We’ll start with a high-level look at AES encryption, and then go on to look at some examples of how to implement AES encryption in Swift.
Any app that saves the user’s data has to take care of the security and privacy of that data. As we’ve seen with recent data breaches, there can be very serious consequences for failing to protect your users’ stored data. In this tutorial, you’ll learn some best practices for protecting your users’ data.
This is the first of three articles on securing user data at rest. In this post, we’ll start off with the basics of protecting data on iOS so you can learn the current best practices for storing data securely with Swift.
Mobile security has become a hot topic. For any app that communicates remotely, it is important to consider the security of user information that is sent across a network. In this post, you’ll learn the current best practices for securing the communications of your iOS app in Swift.