UWP Secure Local Storage

Question

When using local storage in UWP, once the app has been published, can the user who installs the app tamper with the saved settings from classical desktop or command line?

It seems to me that this could easily be done. Is there a way to securely store settings and data within the app, without using a remote service and cryptography? In other words, is there a system API that allows this?

For example, the Store-Managed Consumables allow managing in-app items securely. However, there doesn't seem to be anything similar for general settings. How would one go about storing randomly generated ids for products or in-app keys and items?

Answer 1

To protect data at rest, you can use the DataProtectionProvider API. It will stop casual users from seeing your data, and if they modify it then your app won't be able to decrypt it.

Answer 2

Is there a way to securely store settings and data within the app,without using a remote service and cryptography?

For your requirement, you could use Roaming data to store the app setting data, Roaming data for an app is available in the cloud as long as it is accessed by the user from some device within the required time interval.

Windows.Storage.ApplicationDataContainer roamingSettings = Windows.Storage.ApplicationData.Current.RoamingSettings;
roamingSettings.Values["exampleSetting"] = "Hello World";
// High Priority setting, for example, last page position in book reader app
roamingSettings.Values["HighPriority"] = "65";

// Composite setting

Windows.Storage.ApplicationDataCompositeValue composite =
    new Windows.Storage.ApplicationDataCompositeValue();
composite["intVal"] = 1;
composite["strVal"] = "string";

roamingSettings.Values["exampleCompositeSetting"] = composite;

For more detail please refer this document.