Call to Android Security API
Call to Android Security API
Description
List of all API calls to the Android Keystore and Keychain API.
Recommendation
This entry is informative, no recommendations applicable.
Links
- Android Keystore System (Android developer)
- CWE-522: Insufficiently Protected Credentials
- Android Keychain System (Android developer)
- CWE-312: Cleartext Storage of Sensitive Information
- Insecure Data Storage (OWASP Mobile Top 10)
- Security tips (Android developer)
Standards
- OWASP_MASVS_L1:
- MSTG_CRYPTO_1
- MSTG_CRYPTO_2
- MSTG_CRYPTO_3
- OWASP_MASVS_L2:
- MSTG_CRYPTO_1
- MSTG_CRYPTO_2
- MSTG_CRYPTO_3
- OWASP_MASVS_v2_1:
- MASVS_CRYPTO_2