This explains how the files that make up the
Hybrid Web Container are protected when stored on the device, and under
what circumstances the files are stored in plain text.
Content Security on Android Devices
On Android operating systems, all Hybrid Web Container files, and extra data entered by the user or retrieved from the server, are encrypted before being stored in the application's sandbox and SQLite database. You can turn off the encryption of Hybrid Web Container files to decrease the load times for Hybrid Apps by using the disableFileEncryption customization point.
Content Security on BlackBerry Devices
In general, all Hybrid Web Container files and extra data entered by the user, or retrieved from the server, are stored on the BlackBerry device’s PersistentStore.
Content Security on iOS Devices
On iOS devices, all Hybrid Web Container files and extra data entered by the user or retrieved from the server, are stored in a SQLite database that uses the SQLite Encryption Extensions (AES-128).
Content Security on Windows Mobile Devices
On Windows Mobile Professional, Hybrid Web Container files are stored unencrypted on the device’s file system, and Hybrid Web Container settings are stored unencrypted in the device’s registry.