How to Provide Secure Offline Data Access for iOS & Android
This article covers how to provide secure offline access for iOS and Android apps.
Secure Offline Data Access for iOS & Android Apps
Security-conscious developers sometimes may want to restrict access to offline data or introduce additional security requirements on users in order to grant offline access. For example, to only allow offline access after successful authentication with a remote server. They also may want to limit offline access to the data to a certain time-frame or require additional authentication.
With Appdome TOTALDataTM Encryption, all data stored inside the mobile app (including media files) is encrypted at run-time using industry-standard AES 256 cryptographic protocols. When the Appdome Smart Offline Handoff option is enabled, Appdome decrypts the app’s data only after the user successfully authenticates. Additionally, the developer can specify a folder for offline file access, along with the required conditions that must be met in order to permit offline access to the data (for example the required conditions may include a time expiration, or require additional authentication, such as Pincode/ biometric authentication).
Prerequisites for using Appdome’s Smart Offline Handoff
- Appdome account – IDEAL or higher.
- Appdome-DEV access
- Mobile App (.ipa for iOS, or .apk or .aab for Android)
- Signing Credentials (e.g., signing certificates and provisioning profile) – see Signing Secure Android apps and Signing Secure iOS apps
Adding Appdome Smart Offline Handoff to your app also requires Appdome DEV-Events ™, to be enabled in your code. The DEV-Events will inform Appdome on when and how to enable offline access to the app’s files.
Appdome DEV-Events Structure
Each Appdome DEV-Event is a set of key/value dictionary. Both key and value are strings: Java Strings, for Android App and NSString for iOS Apps.
| EventID | Event Fields |
|---|---|
| OfflineFolderAccessed |
|
iOS
How to enable Appdome’s offline access to the app’s files:
NSString* onlineToken = @“myonlinetoken";
NSString* offlineToken = @“myofflinetoken";
NSMutableDictionary *userInfo = [[NSMutableDictionary alloc] init];
[userInfo setObject: onlineToken forKey: @"onlineSecret"];
[userInfo setObject: offlineToken forKey: @"offlineSecret"];
How to Follow and Receive Appdome DEV-Events:
[[NSNotificationCenter defaultCenter] postNotificationName:@"AppdomeOfflineSetProfile" object:nil userInfo: userInfo];
[[NSNotificationCenter defaultCenter] addObserverForName: @"OfflineFolderAccessed" object:nil queue:[NSOperationQueue mainQueue] usingBlock:^(NSNotification *note) {
NSString *action = [[note userInfo] objectForKey:@"action"];// expired, noSecret, accessNoLocalAuth or accessPincode
NSString *timestamp = [[note userInfo] objectForKey:@"timestamp"];// UNIX timestamp when event happened
}];Related Articles
- Protect Mobile App Data Using Data Encryption
- How to Store Encrypted Secrets in Android & iOS Memory
- How to Apply Data-at-Rest Encryption to downloads performed via Android’s DownloadManager API
Thank you!
Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project.
If you have any questions, please send them our way at support.appdome.com or via the chat window on the Appdome platform.
