If we take a look at OWASP Top 10 Mobile Risks, one of the top risks is insecure data storage. The iOS application interacts with the local system in order to store temporary as well as persistent data.
What if your credit card details are stored temporarily in WebKit cache? What if your login credentials are stored locally in plain text? What if the developers store OAuth token insecurely?
The major risk arises when an application stores sensitive information insecurely in both persistent as well as temporary formats.
XML and plist
Temporary file—data cache
Each of this local storage has its own pros and cons. If the developers have not taken care of securing sensitive data, an attacker is more likely to access sensitive data on a device. An attacker having access to the rooted device can easily download application...