Feature Request: password or pattern protection

[MoDevby]

I really think it's important for the financial information to be protected by a password or some other protection method. Maybe a data encryption option can follow later.

[brarcher]

My understanding is that protections in Android itself should be sufficient, and anything added to the app itself are unnecessary.

Encryption

• A device can use encrypted storage. Full disk encryption was supported in Android 5.0, and this is being phased-out for file-based encryption as of Android 7.0. (link)
• If the files being stored by the app were encrypted yet again, the key would need to be stored somewhere. It cannot be stored in the app, as it is easy to find it. Android can hold the key, but unless the device has a trusted security module a compromised device could still leak it. Devices with a hardware based security module are available starting with Google's Pixel 2 line last year (link). Unless someone happens to have such a phone it may be possible to leak the key on a compromised device.

Password

• If a device has sensitive data, one would expect that there is a password or something similar being used at the lock screen to prevent access.
• If one is concerned about handing their phone to someone and they accessing financial data, Android has a concept of a guest profile starting in Android 5.0 (link). This will allow one to give someone partial access to the phone, and optionally requiring credentials to get back to the original profile.

Does this information alleviate your concerns? If not, can you better describe your use case where a password and encryption are still necessary in the app?

[MoDevby]

Hi @brarcher, I don't fully agree that Android itself should be sufficient. Encryption wise most people including me never use full disk encryption as it's an overkill and as you mentioned already phased-out.

What matters to me really is not the encryption but the password protection for multiple reasons:

• A lot of people (with no fingerprint protection devices) don't use a password at all or they use simple ones that can be figured out easily.
• For my case I use a pattern protection in my device but the scenario that occur a lot to me is that sometimes I handle the device unlocked to someone to show him something and I may be busy with another thing and I don't want this person to accidentally or intentionally open my budget application and have a quick look at my spending or my revenue.
• Another scenario is that my family and close friends already know my pattern because I trust them, but that doesn't mean that I want to share my financial information with everyone of them. Having a guest profile is not useful because at the end they will figure it out anyway, and I often need them to open my device and do something inside my profile.

[brarcher]

I would not be opposed to having the database be encrypted, using a key from Android's Keystore. It would probably not be something I will get to, though. If someone from the community were interested in contributing the feature, I'd be glad to review the changes.