Application should prevent undesired access to private data and preferences. This includes: (i) enabling storage encryption, (ii) using AES128 (or higher) to encrypt files when writing on the SD card, and (iii) disabling MODE_WORLD_READABLE for shared preferences.
REFERENCES:
Text
Links
OWASP MOBILE TOP 10 - M2 - INSECURE PLATFORM STORAGE - Android Best Practice [[1]].
Application should prevent undesired access to private data and preferences. This includes: (i) enabling storage encryption, (ii) using AES128 (or higher) to encrypt files when writing on the SD card, and (iii) disabling
MODE_WORLD_READABLEfor shared preferences. REFERENCES: