What about mobile?
When it comes to which workflow to use for an application on a mobile device, the same considerations are taken into account: can the application securely store and transmit confidential data. This topic gets interesting when we start discussing modern mobile platforms. Most modern mobile platforms provide APIs for secure storage:
- iOS: iOS 4+ SDK utilizes Data Protection
- Android: Android 6+ SDK v23+ provides the Android Keystore system
- Windows Mobile: Windows Phone SDK 8+ provides the DPAPI (Data Protection API)
Tip
This is not an exhaustive list of APIs for secure storage for each platform. Most modern mobile platforms actually provide many different methods for securely storing your data. This is only a sampling.
Used in conjunction with secure transmission protocols, such as SSL or TLS, many application developers consider these satisfactory for the requirements of secure storage and transmission of confidential information, and therefore consider their mobile applications...
