Is there any reliable way to encrypt Shared preference in Android (Min Api 19)

Question

I found a similar question here and lots of other articles about securing shared preferences but they all come with a warning that-

The certificate you use as the password or “secret” in your code is deleted if the lock screen method or PIN/Pattern is changed.

This is the library people suggesting to use but it has a lot of unresolved issues like if updating to Android Q they are not able to access data.

And EncryptedSharedPreferences can only be used if Min API is 23 (6.0+).

Can someone please suggest if they've found any reliable way to implement encrypt shared preferences?

Answer 1

I have an issue where mt Repository using EncryptedSharedPreferences was crashing only on install from play store (Local install was OK) - tried all the backup disabling but the problem recurred.

I eventually switched to using an EncryptedFile which seems to work fine

Answer 2

For Preference encryption you can use EncryptedSharedPreferences but it provide support from API level 21 (marshmallow).

Below 21 API level you need to encrypt preference data at your end by using AES encryption. Refer below link https://github.com/Naibeck/Android-Security

Answer 3

A new version of EncryptedSharedPreferences (https://developer.android.com/reference/kotlin/androidx/security/crypto/EncryptedSharedPreferences.html) has been released, supporting API Level 21+! So if you're using version 1.1.0-alpha01 and higher, you can have minSdk version 21.

So this is what you have to put to your build.gradle(app): androidx.security:security-crypto:1.1.0-alpha01.

Time of typing this, there are newer versions, you can find out more about it here https://developer.android.com/jetpack/androidx/releases/security?authuser=1.

Answer 4

This one is useful for encrypt shared preferences https://developer.android.com/reference/kotlin/androidx/security/crypto/EncryptedSharedPreferences.html