EncryptedStorage Plugin Overview

The EncryptedStorage plugin adds an encrypted key/value pair storage option to Cordova, which uses the same API method signature as the browser’s local storage option and is non-blocking.

This allows you to store data locally and securely on the device, so that you do not have to retrieve the data from the server every time the application is opened. The user can access and view the data on the device. The data in the encrypted local store is protected by the user’s operating system account credentials, so it cannot be accessed by anyone who is not logged on as the authenticated user. However, the data stored in local storage is not secure against access by other applications run by the authenticated user, so you should not use encrypted local storage to store sensitive information such as digital rights management keys or licensing tokens.

Secure storage is an API based on the Storage interface of the W3C Web Storage API (http://www.w3.org/TR/2013/PR-webstorage-20130409/#the-storage-interface).

Note: On Android, you cannot store more than 1MB for a single key/value pair. Because the strings are encoded in UTF-8, the maximum length of a complex string that can be successfully stored is less than the maximum length of a string with only simple characters (simple characters are encoded with a single byte, and complex characters are encoded with up to 4 bytes).
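The following is an added example, not code from the plugin or its documentation, showing how an application can measure the UTF-8 size of a key/value pair before storing it, so that an oversized value is rejected in the application rather than failing in the store. It assumes the limit is 1,048,576 bytes and that key and value are counted together; the names utf8ByteLength, checkPair and guardedSetItem, and the callback-style setItem on the store object, are hypothetical.

```javascript
// Added example, not SAP's code. Assumptions: the limit is 1,048,576 bytes
// and the key and value are counted together (the conservative reading).
var ANDROID_LIMIT_BYTES = 1024 * 1024;

// Count UTF-8 bytes without TextEncoder, which older WebViews lack.
function utf8ByteLength(str) {
  var bytes = 0;
  for (var i = 0; i < str.length; i++) {
    var c = str.charCodeAt(i);
    if (c < 0x80) {
      bytes += 1;                       // ASCII
    } else if (c < 0x800) {
      bytes += 2;                       // e.g. Latin accents, Greek, Cyrillic
    } else if (c >= 0xD800 && c <= 0xDBFF && i + 1 < str.length &&
               str.charCodeAt(i + 1) >= 0xDC00 &&
               str.charCodeAt(i + 1) <= 0xDFFF) {
      bytes += 4;                       // surrogate pair = one code point
      i++;
    } else {
      bytes += 3;                       // rest of BMP; lone surrogate -> U+FFFD
    }
  }
  return bytes;
}

// Report the encoded size of a pair and whether it is within the limit.
function checkPair(key, value) {
  var bytes = utf8ByteLength(String(key)) + utf8ByteLength(String(value));
  return { bytes: bytes, fits: bytes <= ANDROID_LIMIT_BYTES };
}

// Hypothetical wrapper: `store` is any object with a callback-style
// setItem(key, value, onSuccess, onError); oversized pairs never reach it.
function guardedSetItem(store, key, value, onSuccess, onError) {
  var result = checkPair(key, value);
  if (!result.fits) {
    onError(new Error("pair is " + result.bytes + " UTF-8 bytes, limit is " +
                      ANDROID_LIMIT_BYTES));
    return false;
  }
  store.setItem(key, value, onSuccess, onError);
  return true;
}
```

A string's length property is not a safe proxy for the limit: 400,000 "€" characters have a length well under 1,048,576 but encode to 1,200,000 bytes.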

Deleting of Encrypted Storage for Security Reasons

The EncryptedStorage plugin receives a notification from the Login plugin in the event that the Login plugin's data vault is deleted. This can occur when the user forgets their password while unlocking the application, violates a password policy set on the server, or explicitly deletes the registration. The EncryptedStorage plugin then generates an OnEncryptedStorageErased event, which is a notification that the encrypted storage on the device (the database the application uses for secure storage of application data) has been cleared for security reasons.

Domain Whitelisting

Kapsel plugins support Apache Cordova's domain whitelisting model. Whitelisting allows you to control access to external network resources. Apache Cordova whitelisting allows you to whitelist individual network resources (URLs), for example, http://www.google.com.

For information about the whitelist rules, see http://docs.phonegap.com/en/3.3.0/guide_appdev_whitelist_index.md.html.

Related reference
Kapsel EncryptedStorage API Reference