Preventing Session Copy On Rooted Devices By Encrypting Current Session Files #1192

DrMimik · 2023-03-17T22:50:58Z

New Feature / Enhancement Checklist

I am not disclosing a vulnerability.
I am not just asking a question.
I have searched through existing issues.

Current Limitation

Currently the SDK saved cached user session as clear text files.

Feature / Enhancement Description

Encrypting cached user sessions using Jetpack security features to prevent session copy on rooted devices.

Alternatives / Workarounds

No workarounds at the moment.

3rd Party References

I found this gist which provides a good way for testing encryption methods on Robolectric.

parse-github-assistant · 2023-03-17T22:51:00Z

Thanks for opening this issue!

🎉 We are excited about your ideas for improvement!

DrMimik linked a pull request Mar 17, 2023 that will close this issue

feat: Implementing encrypted local storage for user sessions #1191

Open

4 tasks

mtrezza added the type:feature New feature or improvement of existing feature label Mar 18, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Preventing Session Copy On Rooted Devices By Encrypting Current Session Files #1192

Preventing Session Copy On Rooted Devices By Encrypting Current Session Files #1192

DrMimik commented Mar 17, 2023

parse-github-assistant bot commented Mar 17, 2023

Preventing Session Copy On Rooted Devices By Encrypting Current Session Files #1192

Preventing Session Copy On Rooted Devices By Encrypting Current Session Files #1192

Comments

DrMimik commented Mar 17, 2023

New Feature / Enhancement Checklist

Current Limitation

Feature / Enhancement Description

Alternatives / Workarounds

3rd Party References

parse-github-assistant bot commented Mar 17, 2023

Thanks for opening this issue!