Content Security on Android Devices

On Android operating systems, all Hybrid Web Container files, and extra data entered by the user or retrieved from the server, are encrypted before being stored in the application's sandbox and SQLite database. You can turn off the encryption of Hybrid Web Container files to decrease the load times for Hybrid Apps by using the disableFileEncryption customization point.

The cryptographic libraries provided by Google/Android are used. Specifically, the encryption algorithm used is AES-256 symmetric encryption.

Hybrid Web Container Files

Hybrid Web Container files include all the files contained in the <Hybrid_App_package_name>.zip that is deployed to the device, including all HTML, JavaScript, CSS, and any other files that may be included as part of the ZIP package.

When the platform’s browser control requests these Web files, they are read from the device’s sandbox, stored unencrypted on the file system temporarily, and then passed to the browser control through a content provider.
These temporary files are removed from the content provider immediately after the last of them are requested by the browser control.

Note: Prepackaged files are not secured on Android. They are stored in the assets directory unencrypted.

Attachments

If attachments, such as *.docx, *.pdf, and so on, are part of the <Hybrid_App_package_name>.zip deployed to the device, they are stored in the application's sandbox after they have been encrypted through the Google/Android crypto libraries.

When the JavaScript requests these attachments for viewing, they are read from the application's sandbox, and temporarily written unencrypted to the device’s flash memory for the external viewers to display them.
Once the application closes, these temporary attachment files are immediately removed.
Note: The Android operating system enforces the sandboxing of these temporary files.

Attachments that are downloaded through an online request using an object query are stored unencrypted in the device’s flash memory for the file viewers to display them. Once the application closes, these temporary attachment files are immediately removed.

Images

The image is saved, unencrypted on the file system, into the Gallery application, (ImageOptions.CAMERA, ImageOptions.BOTH).

Note: The Android operating system enforces the sandboxing of these image files.

Cached Online Requests

The results of online requests that are specified to be cached are stored on the device’s SQLite database (after they are encrypted through the Google/Android cryptographic libraries). Cached results are removed when the Hybrid Web Container is unassigned from the device, or uninstalled from the server.

Notifications From the Server

Notifications from the server are stored in the same SQLite database after they have been encrypted through the Google/Android cryptographic libraries, including the payload that makes up the notification. When the notification is acted upon, the JavaScript makes a request for the notification contents. This is read from the SQLite database, unencrypted, and passed to the browser in memory.

User Input Sent to the Server

When the device has no network connectivity, and the user submits a Hybrid App for the server to process, the data destined for the server is queued up on the device. The contents of this queue are again encrypted through the Google/Android cryptographic libraries before it is stored into the SQLite database.

Encryption Keys

How the encryption key is generated:
- A generated GUID is used as the key for encrypting the data (“data password”)
- A user-provided password (PIN) is used to secure/encrypt the “data password," which is persisted in its encrypted form. In order to have access to the "data password", one must know the user password.
- The salt is a different persisted, generated GUID.
- Encryption of data is done with the "data password."
Where is the encryption key stored?
- The "data password" is persisted in its encrypted form in a separate table in the SQLite database.