Akylas / OSS-DocumentScanner

Android document scanning app
https://www.akylas.fr
MIT License

[FEATURE REQUEST] Local data encryption #262

Open domportera opened 1 month ago

domportera commented 1 month ago

Is your feature request related to a problem? Please describe.
Quite often these applications are used to scan highly sensitive documents (esp. Card Wallet) - existing on-device unencrypted can be a security risk

Describe the solution you'd like
- Local database encryption by default for scanned-but-not-exported documents/cards
- option to export PDFs with password
- the easiest development-wise might be to have the user be able to set a global password, stored locally (encrypted via fingerprint/android unlock) and have this global password apply to everything exported

Describe alternatives you've considered
An application to encrypt once exported, though no alternative solution can exist for the apps' internal scans outside

Additional context
I'm a big fan of OSS card wallet and my suggestion largely stems from that, as I am keeping these files for as long as my phone lives. I'd like it to be as secure as possible

I have not checked the source to see if you are using file-based encryption already for application files, so ignore that part if you are!

Thanks!! Love your work

farfromrefug commented 1 month ago

@domportera thanks for the feature request. Right now the data is not encrypted and could be easily accessed. Files (images) are written on disk for optimized access and memory usage (no need to load the full image in memory like I would have to do if the image was in the sqlite database). Not sure how to solve this right now but it is a great feature idea. I think if you choose in the settings to store data on the internal storage it would already be more secure as you would need to be root to access the data.

PS: the level of "security" right now is about the same as the photos in your gallery.
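Keeping images as files on disk does not rule out encryption: a file can be sealed in fixed-size authenticated chunks, so a reader only ever needs one chunk in memory. The sketch below is an added illustration in Node.js, not code from this thread or from OSS-DocumentScanner; the chunk size, the file layout and the names `sealFile`/`openFile` are assumptions, and the 32-byte key is assumed to come from a platform key store.

```javascript
const crypto = require('crypto');

const CHUNK = 64 * 1024; // plaintext bytes per chunk (size chosen for this example)
const TAG = 16;          // AES-GCM authentication tag length

// 12-byte GCM nonce: 8 random bytes per file + 4-byte chunk counter.
function nonceFor(prefix, index) {
    const n = Buffer.alloc(12);
    prefix.copy(n, 0);
    n.writeUInt32BE(index, 8);
    return n;
}

// AAD flags the final chunk, so dropping trailing chunks fails authentication.
const lastFlag = (i, total) => Buffer.from([i === total - 1 ? 1 : 0]);

// Layout: prefix(8) || [ciphertext || tag(16)] per chunk. Chunks are independent,
// so a real app could stream them; a Buffer is used here to stay self-contained.
function sealFile(key, plain) {
    const prefix = crypto.randomBytes(8);
    const total = Math.max(1, Math.ceil(plain.length / CHUNK));
    const parts = [prefix];
    for (let i = 0; i < total; i++) {
        const c = crypto.createCipheriv('aes-256-gcm', key, nonceFor(prefix, i));
        c.setAAD(lastFlag(i, total));
        parts.push(c.update(plain.subarray(i * CHUNK, (i + 1) * CHUNK)), c.final(), c.getAuthTag());
    }
    return Buffer.concat(parts);
}

// Throws if any chunk was modified, reordered or cut off.
function openFile(key, sealed) {
    const prefix = sealed.subarray(0, 8);
    const body = sealed.subarray(8);
    const step = CHUNK + TAG;
    const total = Math.max(1, Math.ceil(body.length / step));
    const out = [];
    for (let i = 0; i < total; i++) {
        const piece = body.subarray(i * step, (i + 1) * step);
        if (piece.length < TAG) throw new Error('truncated chunk');
        const d = crypto.createDecipheriv('aes-256-gcm', key, nonceFor(prefix, i));
        d.setAAD(lastFlag(i, total));
        d.setAuthTag(piece.subarray(piece.length - TAG));
        out.push(d.update(piece.subarray(0, piece.length - TAG)), d.final());
    }
    return Buffer.concat(out);
}
```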

domportera commented 1 month ago

yeah that makes sense. really I'd say the level of security is at least more secure than the gallery 😅 DCIM folder permissions etc etc. So this isn't urgent.

It doesn't have to be a database implementation, I just assumed that's how you organized the cards. If the android file encryption system I linked isn't quite straightforward to seamlessly implement I get that - trading off usability for this security is likely not worth it.

However, exporting/importing with a PDF password should be more straightforward I think, and would cover a fair amount of security concerns by itself for most users

farfromrefug commented 1 month ago

@domportera Yes, I will look at PDF with a password. Will also sync about encryption