Device Data Security

Securing all data on the device client requires multiple techniques employed by both the developer and the administrator.

Some SAP Mobile Platform components do not support encryption. Review this table to see which components can enable this security feature.

Note: The encryption key for all client databases is an AES-128 sized key, and the data vault does not generate the encryption key.
Component Implementation Notes
Device data If the application has a local database, SAP recommends the database be encrypted.
Device client database Set by the developer. The encryption key is stored in the data vault.
Data vault Set by the developer. The DataVault API provides a secure way to persist and encrypt data on the device.
Client password policy

Set by the administrator. Applies to passwords used to unlock the data vault (when implemented). Administered through Management Cockpit.

Parent topic: Limiting Application Access
Related tasks
Defining Client Password Policy