Store "Coins" in Android/iOS app that cannot be hacked - android

I haven't been able to find exactly what I've been looking for by searching the web. Basically, I am making an app with digital currency that I don't want users to be able to hack and add coins to their account. I was thinking of 2 methods to do this, I want to know your opinions on them and how you would approach them to be as secure as possible. I'm not too sure about them but here they are:
Store the data on the user's device with encryption. The issue with this is that if the user has root access, they could potentially decrypt it.
Give each phone a UUID and store their "coin" information in a database. Every time they open the app, they are automatically logged in using the UUID. This prevents the need to create passwords and usernames. The issue with this is that someone could decrypt the UUID off someone else's device and use it on their own to steal it. Also this would make the experience potentially slower and would cost more for me to do.
So what is the best solution? Do you know of any other ways? Thanks in advance.
Extra info: I plan on using LibGDX since it is cross platform and may be a good place to start but it may also limit what I can do. I am willing to use native android and eventually do the same on iOS if it allows for a much more secure experience.

You cannot store data locally 100% securely. As soon as your app itself can read/write the local coin count, the "attacker" can as well.
The only secure option is to save it on a server. Of course every increase / decrease of the coin count has to happen on the server itself and be checked for validity before being saved.
Note: You cannot "decrypt the UUID off someone else's device" as long as the server is secure.
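
A sketch of the server-side approach this answer describes, added here as an example and not code from the original posts: the client never sends a balance or an amount, only what happened, and the server checks each change against its own rules before saving it. The class name, reward table, price list and method names are all assumptions made for the example; the device credential is a random token issued by the server, stored only as a hash.

```python
import hashlib
import secrets

LEVEL_REWARD = {1: 10, 2: 15, 3: 25}  # constructed reward table, lives only on the server
PRICES = {"extra_life": 20}           # constructed price list


class CoinServer:
    def __init__(self):
        self._accounts = {}  # sha256(token) -> account state

    def register(self):
        """Issue a random device token; the server keeps only its hash."""
        token = secrets.token_urlsafe(32)
        self._accounts[self._key(token)] = {"coins": 0, "levels": set(), "done": {}}
        return token

    @staticmethod
    def _key(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def _account(self, token):
        try:
            return self._accounts[self._key(token)]
        except KeyError:
            raise PermissionError("unknown device token") from None

    def claim_level(self, token, level):
        """Credit a level reward once, in order; the amount comes from the server."""
        acct = self._account(token)
        if level not in LEVEL_REWARD:
            raise ValueError("no such level")
        if level in acct["levels"]:
            raise ValueError("reward already claimed")
        if level > 1 and level - 1 not in acct["levels"]:
            raise ValueError("previous level not completed")
        acct["levels"].add(level)
        acct["coins"] += LEVEL_REWARD[level]
        return acct["coins"]

    def buy(self, token, item, request_id):
        """Debit a purchase; a retried request_id is answered without a second charge."""
        acct = self._account(token)
        if request_id in acct["done"]:
            return acct["done"][request_id]
        price = PRICES.get(item)
        if price is None:
            raise ValueError("unknown item")
        if price > acct["coins"]:
            raise ValueError("insufficient coins")
        acct["coins"] -= price
        acct["done"][request_id] = acct["coins"]
        return acct["coins"]
```

A modified client can still claim a level it did not really finish, but the most it can ever obtain is bounded by the server's reward table, and it cannot set its own balance.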

UUIDs (Universally Unique Identifiers) are unique across space and time. They just are, there is nothing to decrypt.
The problem of digital currencies has been solved: Bitcoin, Litecoin and the spin-offs. It is not an easy or trivial thing to create. If you are dealing with "coins" that have any real value you really need to get your scheme and security vetted by a digital security domain expert; expect to pay several thousand dollars.
Root access does not protect the encrypted data, the data can only be decrypted with the correct key, generally 128 to 256 bits of random data. The protection problem moves to protecting the key. About the best you can do is create a random key to use and save it in the keychain (iOS, Android keychain has more restrictive usage). But if the device does not have a good passcode (or any or good) there is little to no security. In general protecting data from the valid user is difficult and usually falls under DRM, needs servers and authentication.
LibGDX: the more obscure coding system you use the less help is available, think carefully about that. Also if you have competition the UI is very important. While it is generally said that you only have one chance to impress the user you have multiple opportunities to make them unhappy/angry ex-users. Cross platform systems tend to have poorer UI and more non-standard from the native UI on each platform.

Related

Encrypt User data, but Decrypt it for Research Purposes

I’m planning on allowing my users to sync their data with the cloud so that if they get a new phone or switch phones (ex. iPhone to Android and vice versa) they will be able to reload their data into their phone. Currently all their data is stored on their phones. I plan on encrypting their data in the database so it isn’t easily readable. However I have been reached out to by universities that could find user data useful (I would of course make the data so that they wouldn’t be traced back to the user, and ask for their consent). I’m wondering if there is a secure way to encrypt user data but also make it so that if I need to decrypt it for research purposes in the future I would be able to do this. Are there any best practices to do this?
I would argue that the obvious solution would also be the ideal solution. You have two tasks that could fairly easily be solved separately, so solve them separately. To do exactly what you are asking for, would require experimental cryptography.
Use state-of-the-art password based encryption for the identified user data that the users store for themselves.
Collect the research data separately, with explicit permission from the user. Generate individual random identifiers for each user, send those identifiers to each phone respectively, and compile the research data on the user phone, and submit it from the user phone to a different data store on your servers.

Is it really that hard to securely store a secret key in mobile platforms?

I have little experience with Android app development, and close to none with iOS. I'm writing an app that has to store a certain "key", and I would like this key to be stored in a secure way. As secure as possible, with reasonable development effort. The key has to be stored: the whole point is that the user should not need to be online to fetch it from a server.
I'm not sure which is the best solution for each of the two platforms. I've read a bit about Keystore in Android and Keychain in iOS, but I can't quite get how secure they are. Many say none of them is really secure, as an attacker could reverse engineer the app, find a file, get access to... but in the end people have been storing passwords and keys somewhere on PCs for decades, no method is 100% safe, so I fail to understand whether it's just paranoia* when it comes to mobile apps (well, more paranoia than usual) or if mobile platforms are really that much insecure.
Is it reasonably safe to assume that Keystore and Keychain would give me as much security as I would need to protect the key from a not-too-advanced (or expensive) attack?
PS Don't get me wrong, I appreciate security as much as anyone, and I always strive for it. But reading that an app would be "not secure" "because the phone might get stolen" prompts me to question whether we should write software at all :)
First of all, Keystore is used to sign the application before sending it to the store. For example, if you send your application to the Play/Apple store, using keystore/keychain protects your application from malware, because someone can download it, put malware in it and send it to the store again!
Also, if you update the version of your old application, your clients can't update the old app; they will install the 2 versions at the same time, because your app is not linked using the keyStore/Keychain. Hope I'm clear.
What you are looking for is a storage with encrypted information. In this case I use Realm because the Realm file can be stored encrypted on disk by passing a 512-bit encryption key (64 bytes).

Is it possible to hack the data of Android app even if it's offline?

I'm building a simple Android application for myself. It is a simple password manager where I can store all my accounts. I just want to know if it is possible to hack or extract the data of an Android app even if it's offline?
Thank you
Are the password hashes stored server or client-side? If the passwords are stored client-side, then yes, it is indeed possible. If the passwords are stored in plaintext, all the better for the attacker who has local access to the device.
My hope would be that you used symmetric-key encryption on the passwords which can only be decrypted with your master password utilized as the key and that you minimize plaintext exposure even within memory.
No one can transfer data to a remote server when the device is offline, but there are other possible ways considering your problem, like:
Create a program to collect data from your database and send it through SMS (considering passwords are textual data and small in size)
Create a program to collect data, keep a low profile, and send it to a server when the device comes online
Technically possible, but don't worry, the chances of someone doing something like this are very low.
Go with your idea and encrypt data if you can to avoid easy stealing.
Happy coding :)
I would always assume yes with these kinds of things. I would recommend looking into encryption of the data; a simple splash screen for an app password would work. I would make sure that the private encryption key is something that can only be generated by that password entered at the lock/splash screen. Other than that, on stock ROMs you should be alright, but obviously don't leave fishy apps on your device. If I was building this I might even look into 2 factor auth via NFC as well.
Yes, it may be possible!
The Internet is not the only thing which connects ports or shares ports.
There are many options like Bluetooth or Hotspot...
Through which we can connect two devices; we just have to write a program which accesses these tools and gives commands to the victim's phone....
For online
We have msfvenom payload to hack any android...
It's quite an easy process; in this process we forward the victim's phone port to the attacker's OS....
It's so easy
For offline services we can hack the device using BT remote control or the same with wifi...

How to prevent hacker access my app's database on android?

As you know, we can access any folder on an Android device after rooting. My app has a database and some other binary files. I know that I can't prevent the user from seeing my files and database. But is there any way to prevent the user from copying it to other Android devices for illegal use?
One option is to encrypt the data stored in the database. Normally it is stored in plaintext. SQLCipher, I believe, works for Android too.
From Android/google official forums,
Users with rooted phones can get access to any files they want.
Otherwise, databases in the conventional on-board flash location are
secure.
If you want to prevent that (rooted access), the only option is to encrypt it. However long it takes.
EDIT:
What I am saying is, it is never completely secure. You can make it as difficult as possible for hackers. You can save the decryption key (only) on the server (if downloading the entire data from the server is time consuming), but then the app needs a net connection to work. You can save the key in a hidden file (filename starting with .), but rooted users with knowledge about Linux-type file systems can find them. Or you can do as Teovald suggests in the comment to this answer, by generating the key at run time using any hash algorithm from any constants (like the IMEI number), but it also needs some processing. The more you try to secure it, the more work you need to do to use it. So it is a 50-50 kind of situation, and the decision should depend on one's requirements.
Apart from encryption (see Krishnabhadra's answer) the only way to ensure critical data is to not have everything on the device. So you could access the most critical data always online only.
Of course this has the downside that not all of your app is usable if the user has no connection. You have to balance between your need to keep data safe from prying and allowing instant offline access to data.
Whether you can alleviate the former problem depends on the data. If all is critical, nothing is allowed on the device. Users will understand and begrudgingly accept this. No one would want a copy of his bank account on his device. But you should allow access to everything that is not critical even in offline mode.

Easiest secure Android server backend

I have an Android game and I want it to store data - say a high score for example - against each user on a server backend.
Here's a list of outrageously demanding requirements! It's unlikely any solution can meet all these demands, so I've changed/prioritised them:
Minimum/very easy server and client code
Free/cheap
Automatically scalable and no/little server maintenance
As secure as possible with minimum code
Seamless - no user action required to authorise/choose anything
I know about Parse, and that seems the easiest option but I'm concerned about the future cost and would prefer more control so I'd like some alternatives.
AWS seems a lot of effort, although it handles secure anonymous authentication fairly easily and well.
App Engine would be great if there was an easy way to secure requests without requiring the user to login or authorise app engine.
So... I want the seamlessness of Parse, the security of AWS, and the auto-scaling of App Engine. Also the ease of use/coding of Parse. Fingers Crossed. :)
Thanks
My advice: use Parse, but create enough abstraction/encapsulation in your models so that swapping Parse out for another service won't be so painful. But seriously, I don't think Parse will get expensive (or even not-free) until your app is seeing very high demand. Furthermore, the Parse guys seem pretty committed to openness: you can export your data as a CSV and they have a REST API so any type of program you write can access the data.
If you're determined to roll your own, I'd recommend creating a Rails back-end with Heroku. Piggyback SSL is free, HTTP Basic Auth is really easy in Rails, and the entire stack will play nicely with whatever db you'd want to use (I'm assuming NoSQL since you want flexibility).
Any PaaS that supports SSL and a database will probably do. Estimate your traffic, data storage and processing needs and pick one that is cheap enough to get started. App Engine is going out of beta soon, and the pricing model will be changed, so if you want autoscaling you'll have to pay for it.
What exactly is 'secure anonymous authentication' and how does AWS support it?
