Storing data securely
Sensitive data in mobile applications varies on the nature of the IoT device. Many devices may store personal data, collect personal data, patient health information (PHI), credit card information, and store account credentials on a mobile device to authenticate to an IoT device. Leaked credentials or long-lived session tokens may have a critical impact for smart door locks and connected vehicles. This sensitive data must be secured with controls and verifications in place. Many times, sensitive data is unintentionally exposed to third-party applications running on a mobile device for operating system interprocess communication (IPC). Additionally, it is not uncommon to lose a mobile device, or have it stolen or seized when traveling. In these cases, applications must employ proper security controls to protect sensitive data and make obtaining the data more difficult. In this recipe, we will discuss methods for storing sensitive data securely.
Getting ready
In this recipe...