Chat with us,

Everything You Need to Know About Data Security in Android Apps

No system can be completely secure. While developers can push for tougher security means and better encryption algorithms, there can be some vulnerabilities that might pop up now and then. Despite being developed by one of the biggest companies in the world, Android has also had its fair share of issues over the years. While many have been patched out entirely, others exist in some form and require measures.

 A dev's IDE on screen.

It takes experienced developers with the right knowledge to implement these measures from the get-go. Here's all youneed to know about data security in Android apps:

Commonly Known Data Security Issues on Android

Memory Safety

According to some estimates, around 60% of critical and high-level security vulnerabilities on Android are due to memory overflow or corruption. Based on the data available fromthe CVE List, which detailed around 414 vulnerabilities documented in 2019 on Android, around 36% of those vulnerabilities were about memory corruption. Many experts suggest that remote code execution and accessing various data without privileges were enabled through this.

Android has a wide range of services for it. The main solution isAddress Space Layout Randomization (ASLR), but otheroptions like OpenBSD dlmalloc, OpenBSD calloc, and Linux mmap_min_addr also do an excellent job of limiting most of the threats that can take place due to memory management problems.

Permissions Issues

To function, an application requires permission from the operating system to use different components. For example, a social media application would require access to the camera to take photosand storage to save data while contacts to import contacts. No application has any permissions by default to do any operations that would affect the memory, OS, user, or other applications available on the device. This is an important security measure to prevent the aforementioned material while limiting network access.

 A dev writing code.

After you access an application on your device for the first time, the application has to request the user for all the permissions that it needs, and the user must consent to the app using them. The tricky aspect is that some applications only request access for aspects that are necessary for operations, while others may ask for excessive access. Here, the user can often be blamed for allowing excessive as they don't'understand the importance of permissions and what they imply.

Over the years, Google has heavily expanded its app permission settings options. The most recent development has been the widespread availability of the"allow only while using the app,"setting on Android 11. This works for location, microphones, and cameras, i.e., the app is only allowed to access these once and has to ask permission again the next time it requires access. Permissions may also be revoked in some cases if they're not used heavily. 

Overlay Attack

Overlay attacks are a unique form of phishing scams that are more prevalent across Android. Essentially, various fake services can create overlays where they try to come off as legitimate services requiring your credentials. To a great degree, this has been resolved through Android 11, where the user requires permission from the user to pass to the authentication screen.

Data Storage

For storing larger data, non-sensitive options like personal media, music, and videos, it's best to use options like SD cards that can be removed and used externally through SD card readers on computers. But for sensitive information such as user data, all of it should be first encrypted and then stored in internal storage, allowing only the app that wrote that data to access it.

A developer working on code.

Ideally, external storage should be limited to non-sensitive data, mostly in large volumes so that you can share the information with other applications. But the major issue is that external storage is removable, which can be used to extract the data through other means. So all of the sensitive information should be encrypted and kept internally so only the application can utilize it.

Dynamically Loading Code

Dynamic code loading is an important featurethatallows applications to load specific code from beyond the codebase. In turn, this allows for smaller app sizes as various libraries and other assets can be pulled using remote access. The downside is that this remote access feature can be used by hackers and other nefarious parties as well.

Using various tools, remote code can be found, and it doesn't get verified because it's in the DEX rather than the APK.

Rooting

Rooting itself isn't a problem. It's the process by which users can remove various system restrictions and limitations due to the OS, which grants the user superuser level rights. It's heavily used across Android and is considered by many to be the main reason they use the platform. Unfortunately, rooting doesn't respect many of the protective limits of Android, which are in place to prevent various forms of data from being revealed.

Apart from this, other numerous problems rooting brings on to the user can make the practice more complicated. Many apps will fail to work as they don't have the right security measures as the device has been rooted.

How Apps Can Be Made Secure

Using Internal Storage for Sensitive Data

For storing all of the sensitive information of your app, you can use the internal storage directory for that particular app. These files are set under MODE_PRIVATE file creation mode, which disables other apps on your device from accessing these files, making them very safe.

In case you need to share information with other apps, don't use MODE_WORLD_WRITEABLE or MODE_WORLD_READABLE. Instead, use other options that offer access on a need-basis, allowing you to change permissions later on. If a dev doesn't want data sharing with other applications, there shouldn't be content provider object access.

A person reading code.

For additional security and compliance, you can also limit how much sensitive data you store and share. There are alternative ways to share data, such as sharing the email's hashinstead of the actual ID. Similarly, developers can focus on using private data on the client end rather than transferring them on the server-side for any processing. Maintaining logs is also necessary, but making sure that they are not used to leak data with the READ_LOGS option, allows access to most application logs.

Encrypting Data on External Storage

While not a common occurrence in the modern era, where base storage is generally 64 GB, Internal storage capacity tends to run out on Android devices, especially as app sizes continue to increase. For this reason, many applications also take the approach of storing sensitive information on external devices. Because they can be removed and accessed from other means, there needs to be some mechanism to ensure that app data is encrypted when it's stored.

Most developers are using AES, which has a 256 bits key size, making it hard to crack. Things get tricky here as using the javax.crypto package from the Android SDK gets complicated. It's becoming standard practice to utilize Facebook Conceal, which has a streamlined process for encrypting and decrypting data.

Utilizing Intents

It's a common approach among those new to Android but having some experience with Operating Systems to use sockets, named pipes, or set up asynchronous communication between applications via shared files. While these are standard approaches on Linux, this is considered a bad practice on Android for various reasons. The most major issue is that you're vulnerable to various threats. The easiest solution is to utilize intents, which helps various processes communicate with each other.

Make an instance of the Intent class, using a setComponent() function for providing the app's package name and component name, with putExtra() being used for adding data. If you need to send data to lots of apps at one time, you'll use the sendBroadcast() method for sending the intent. Any app that has a set BroadcastReceiver can read the broadcast.For this reason, you'll need custom permission with protectionLevel assigned asthe signature. Now, only those apps signed by the signing key can receive the broadcast.

HTTPS Instead of HTTP for Communication

Many people still make the mistake of using HTTP, which does not offer the same level of security that an HTTPS connection does. App and server-level communication should be done through HTTPS, with the HttpsURLConnection class being a good pick. Even if the data isn't confidential, using HTTP is a bad practice that should be avoided altogether.

Various connections such as public Wi-Fi that the average audience uses are not secure, monitored by hackers that they can use toinject all kinds of exploits using the HTTP traffic. With HTTPS, and servers having certificates from DigiCert or GlobalSign, you can be protected from a variety of problems.

Utilizing GCM

In the past, developers would use SMS for a wide variety of use cases. As it was realized that this solution was flawed, services like GCM or Google Cloud Messaging became more prevalent. The SMS protocol is not safe, as the information isn't encrypted, and these texts can easily be spoofed. Similarly, if an app has READ_SMS permission, any message that the user receives can be easily read by that application.

How does GCM help? All communications done through the service are fully encrypted. By having updated registration tokens on the client's end, along with a uniqueserver-side API key, these are authenticated. As a developer, you should look into using GCM instead of SMS wherever possible.

Avoid Asking for Personal Data

User data and privacy are not just buzzwords but are taken more seriously than ever before. Developers have to pay close attention to documents like the European Union's Data Protection Directive and Canada's Personal Information Protection and Electronic Documents Act when developing applications to ensure that they comply. As a rule of thumb, developers try not to collect personal user data if they don't have the necessary secure servers and set up to provide the integrity, availability, and confidentiality of information.

If it's necessary to authenticate users and find user profile info, you can use the Google Identity Platform. A user can be redirected towards it to sign up, and their necessary information, ranging from email to their photos, can be found. You also have alternatives such as Firebase.

Preventing SQL Injection

Buffer overruns don't occur if a user adds an invalid input on Android. Instead, you have to use an SQLite database, which checks user inputs aggressively and has specific queries to make sure that all the input provided by a user is accurate. If this isn't implemented, malicious parties can easily take on SQL injection attacks.

ProGuard

Attackers can easily go through any security measure that you have if they manage to get to the source code, which makes it necessary to use solutions like ProGuard. It can be used before the app is published on the Play Store, which minifies and obfuscates the source code. You can easily find this in the SDK for the OS. If you set the buildType in the build process to release, you have ProGuard readily available.

Conclusion

Ensure that you have experienced developers that are aware of the nooks and crannies of the OS and its development woes by working with Softwareistic. We're an Android and iOS app development agency, having resources for Flutter App Development, as well as React Native App Development services. Our company has worked with a wide range of businesses across a myriad of industries, helping them develop tools that take their productivity and business to the next level.

Whether you're looking to revamp an existing solution or develop something new and unique from scratch, you can rely on us to get the job done.

Need Consultation?

Drop us a line! We are here to answer your questions 24/7.