search

braintree / braintree_android

Braintree SDK for Android
https://developer.paypal.com/braintree/docs/start/hello-client/android/v4
MIT License
405 stars 232 forks source link

Braintreeapi.xml insecure storage #440

Closed omareltf closed 2 years ago

omareltf commented 3 years ago

General information

Issue description

The Shared Preferences Braintreeapi.xml stores all data in cleartext. As stated by OWASP this is a weakness. Is there a configuration to encrypt this data?

sshropshire commented 2 years ago

Hi @omareltf thanks for using the Braintree SDK for Android. We'll look into this for a future release.

sarahkoop commented 2 years ago

This was released in 4.7.0