Backup mode enabled

Backup mode enabled

Risk: potentially

Description

Android performs by default a full backup of applications including the private files stored on /data partition. The Backup Manager service uploads those data to the user's Google Drive account.

Recommendation

if the application contains sensitive data that you don't want to be restored, you can disable backup mode by setting the attribute android:allowBackup to false in the application tag.

Links

• Random Musings on the M Developer Preview: the Ugly (Part Two)
• DRD22. Do not cache sensitive information