Reputation: 9044
How to secure activation of Android app?
I have an android app that needs to be Activated to work on devices. The process of Activation is by sending an encrypted key by sms and getting an encrypted reply by sms to activate the app. Assume that encryption/decryption is safe. The problem is that I have to store the app status (activated/not activated/activation failed) and read it on each start up to see that app is activated or not. preferences and sqlite database are not secure. What is the best approach to save this state?
Upvotes: 2
Views: 338
Answers (1)
Reputation: 1007321
Keep the activated state on your server, and check it on startup.
There is no truly secure storage on Android devices. Users can get to, and modify, whatever they want, given modest technical skills. If you do not want users messing with the data, do not put it on their device.
Upvotes: 6
Related Questions
- Best way to secure Android app sensitive Data?
- Encryption for android. How to do that?
- Android encryption
- How to secure our app
- User activation code in android app
- android encryption
- How Do I Protect Decryption Password And Salt in APK
- How to make apk secure and what is the most unique identifier an app has?
- Implementing Encryption in application layer in Android
- How to secure secret string in Android app?