sqlcipher logo

Android offers several levels of data security. Some applications try to “hide” data by using an application’s private storage. This can be effective under certain circumstances for data that does not require strong security. An adept developer or hacker with access to your phone can apply a few procedures that “unhide” private data in just a few minutes. We do not recommend this approach for saving passwords or personal information.

A strong step toward security is to use the SqlCipher from the Guardian Project.

A quote from product page says it best:

“SQLCipher is an SQLite extension that provides transparent 256-bit AES encryption of database files.”

Given it’s encrypted, the database can be stored on an sdcard, a network drive or private storage.

The SecureSuite implementation for Android is a working example of an effective security tool. We have tested with 80,000 contact records with little performance degradation. There are a few tricks of the trade for re-keying the database, for debugging a database with tools designed for a clear-text database and for working with an Android application’s private data.

For an example of SqlCipher, see the SecureSuite implementation in GitHub. Contact us for help with the design, development, integration and testing of your security application.