Securing data in iOS. Keychain or any other approach?

Question

I am a newbie to iOS and developing an app, in which I need to maintain session on the basis a of token returned from an API endpoint. I searched about it and found out that secure data should not be stored in User Defaults, therefore I have chosen Keychain. My question is:

• Is Keychain secure enough?
• Is there any other good alternative?
• Does Keychain store values after encrypting them (default behaviour)?
• If not then what is the right way to use encryption/decryption along with Keychain?

Currently the Keychain related commands I have used are given as follows:

import SwiftKeychainWrapper //installed through Cocoapods

    //Storing
    let saveTokenSuccessful: Bool = KeychainWrapper.standard.set(token!, forKey: "myToken") 

    //Retrieving
    let retrievedToken: String? = KeychainWrapper.standard.string(forKey: "myToken")

    //Deleting  
    let removeTokenSuccessful: Bool = KeychainWrapper.standard.remove(key: "myToken")

Answer 1

Keychain is a good solution because data is encrypted automatically before being stored in the file system. And from Apple doc:

... keychain is automatically unlocked when the user unlocks the device, and then locked when the device is locked. An application can access only its own keychain items, or those shared with a group to which the app belongs.

Answer 2

Is Keychain secure enough?

I would say so, may depend on the sensitivity of your data.

Does Keychain store values after encrypting them (default behaviour)?

From the documentation:

The encryption is AES 128 in GCM(Galois/Counter Mode)

Apple has released in the past a paper about security on iOS, that might be a good read to start. You can find it here.

More info on keychains.