Any time we are storing a text file it should be encrypted.

[andrewtremblay]

To pass Verafication with Veracode. Plus it's just good practice.

[andrewtremblay]

We cannot use pseudo-random generators anymore (hence the switch to using SecureRandom in Android), or it will fail the scan

[andrewtremblay]

This should be in the Security Pass, not the Android milestone.

[andrewtremblay]

Punting on this since we're migrating the SDK data to local DBs. That's where we'll encrypt everything.