Data Storage Security

SECURITY › Security

Encrypting data at rest with Keystore-backed keys, EncryptedSharedPreferences, and scoped storage.

Interviewers probe this to see whether you understand that on-device data is attacker-reachable on rooted or stolen devices, and that the OS gives you hardware-backed primitives to defend it. You are tested on where the root key lives (Android Keystore, never the app process), how to encrypt prefs/files at rest, what must never be stored in plaintext, and how to gate keys behind biometrics. Expect tradeoff questions on TEE vs StrongBox and the deprecation of Jetpack Security Crypto.

What this covers

Study this topic

Further reading