Each platform has its own unique way of storing user data and settings. When using a native approach, it is typical for the device to store the individual application settings in the application bundle itself, rather than as a universal settings file. This is primarily not only for security, but also for usability.
Consider a scenario where a user has three messenger applications on their phone. Each of them will have a username and password setting. If there was a universal settings file, there would firstly be no way of knowing which username/password corresponded to which app, and secondly, the other two applications would potentially be able to intercept the incorrect password and use it for nefarious purposes.