How to Exclude Files, File Types, Media from Android & iOS Encryption
Appdome offers TOTALDataTM Encryption as part of the Appdome Mobile Security Suite. TOTALDataTM Encryption can be found under Appdome Security Suite. With mobile TOTALDataTM Encryption enabled, all stored data generated by the app is encrypted at runtime using industry standard AES 256 cryptographic protocols. With Appdome, encryption is accomplished dynamically, without any dependencies on the data structure, databases or file structures. TOTALDataTM Encryption elements include all types of files (text, office, PDF etc.), databases (SQLLITE, Oracle, Realm etc.), cached information, preferences, XML data and all other data generated by the application as part of its life-cycle. There may be situations where excluding files, file types, media from Android & iOS Encryption.
This knowledge base article reviews all the possible exceptions and exclusions available in TOTALData Encryption.
In addition to encrypting all data in the app, with TOTALCode™ Obfuscation, Appdome allows you to obfuscate the files that are bundled with the application at packaging time which is essential to the application installation process.
Easy Steps to Excluding Files, File Types, Media from Android & iOS Encryption
Here is the list of all the files that can be excluded from Android and iOS encryption.
| File Type/Path/Extension | Relevant OS |
Exceptions and Comments |
|---|---|---|
| Media files: *.jpg,*.jpeg,*.png,*.gif,*.wav,*.mp2, *.mp3,*.ogg,*.aac,*.mpg,*.mpeg,*.mid, *.midi,*.smf,*.jet,*.rtttl,*.imy,*.xmf, *.mp4, *.m4a, *.m4v,*.3gp,*.3gpp, *.3g2, *.3gpp2,*.amr,*.awb,*.wma, *.wmv,*.webm |
iOS & Android | Encrypted by default. Can be Encrypted while using external media player components by enabling Smart Media Sharing. |
| Web files: Fonts: *.woff’, *.woff2, *.eot, *.otf’, *.ttf Images: *.jpeg, *.jpg, *.svg, *.webp, *.gif, *.png, *.bmp Pages: *.html, *.htm, *.asp, *.aspx, *.php, *.php? Resources: *.css, *.js, *.json, *.jsp, *.jsf |
iOS & Android | Encrypted by default. These files can be excluded to improve performance for apps heavily dependant on internal web content. |
| Plist files under /Library/Preferences |
iOS | Plist files under/Library/Preferences are accessed both by the OS and by the application. AppDome encrypts the key/value pairs that are not required by the OS. Publicly available key/value pairs are not encrypted (as required by Apple). All other keys/pair values including programmatically generated by the developer are always encrypted. |
| Snapshots are taken by the OS to facilitate application switching |
iOS | AppDome provides the ability to blur the snapshots taken by the OS. These files cannot be encrypted (as required by Apple). |
| Photos | iOS | Photos stored to the camera roll (shared storage) are not encrypted in order to facilitate normal device/application picture sharing behavior (required by Apple). |
| Cache.DB | iOS | Contains metadata for browsing info and is managed by the OS. This file is not encrypted (required by Apple). |
| com.apple.opengl/ com.android.opengl.shaders_cache/ |
iOS & Android | These files contain shader(s) intermediate info and are managed by the OS, and are not encrypted (required by Apple and Android). |
| Plist files under/Library/SyncedPreferences/ | iOS | These files are used by iCloud to sync its state (not data), and are not encrypted (required by Apple). |
| *.pflock | iOS | These files are used by the OS to obtain database locks (no data), and are not encrypted (required by Apple). |
| Keychain | iOS | By design, items stored in the Keychain are encrypted by Apple. You can use AppdomeSSO+ to encrypt authentication related Keychain entries on top of the Apple encryption mechanism. |
| Keystore | Android | By design items saved in the Android Keystore are managed and encrypted by the Android OS (required by Android). |
| External download managers |
Android | Applications leveraging external download managers which download content outside of the application’s control may generate non-encrypted files. Appdome can obfuscate those files as part of Secure Download. |
| WKWebView files
/WebKit/NetworkCache/ |
iOS & Android | These files are generated by an external WebView or WebKit component (not part of the application), and contain non-sensitive cached data such as public cookies and HTML files. Appdome recommends as a common practice, where possible, to avoid using cached information. |
| app_webview/* org.chromium.android_webview/* com.google.android.webview/* |
Android | Applications utilizing chrome’s app_webview interface may generate non-sensitive data in a form of cookies, that is to be left clear-text for chrome to function properly (required by Android). |
| SQLite webdatabase cache files | Android | Applications utilizing chrome’s web database interface may generate non-sensitive cache data, that are to be left clear-text for chrome to function properly (required by Android). |
| *.dex, *.jar, *.apk, *.so | Android | Android requires executables and extensions of the application code and libraries to be accessible in clear text form. Appdome can obfuscate those files as part of TOTALCodeTM Obfuscation. |
| /libcrypto.*,/libssl.* | iOS & Android | These files and dynamic libraries which are loaded and managed by the OS, and must be in clear text form (required by Android).
Appdome can obfuscate those files as part of TOTALCodeTM Obfuscation. |
| /com.apple.metal/*, /var/mobile/Library/Caches/* /com.apple.keyboards/*; |
iOS | These files and dynamic libraries which are loaded and managed by the OS , and must be in clear text form (required by Android). |
| /com.crashlytics.data/*,/.Fabric/com.crashlytics.sdk.android .crashlytics-core/* |
iOS & Android | These files are used by crashlytics framework and must be saved in clear text form for crashlytics reports to be sent correctly. |
Related Articles
- Dex Control Flow Relocation, Anti-Reversing for Android Apps
- How to Favor Loading time in Android & iOS Apps
- Binary Code Obfuscation, Anti-Reversing for Android & iOS Apps
- Obfuscate Mobile Business Logic, Anti-Reversing in Android & iOS Apps
How Do I Learn More?
To zoom out on this topic, visit Appdome for Mobile App Security on our website.
If you have any questions, please send them our way at support.appdome.com or via the chat window on the Appdome platform
Thank you!
Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.
