Keychain interaction was observed during dynamic analysis. iOS provides the keychain for secure data storage. However, in several scenarios, the keychain can be compromised and subsequently decrypted.
Evaluation Criteria:
The evidence table lists all detected uses of the iOS Keychain:
Name: the operation performed on the iOS Keychain item.
Locations: location data, including IDs that can be resolved using the NowSecure Locations API. It represents the locations of the reported data within the app.
Class: the type of item in the iOS Keychain.
Service Name: the name of the service or scope the app is using, e.g., the app identifier or bundleIdentifier.
Account: the account identifier, e.g., username.
Match Limit: the maximum number of results to return from an iOS Keychain item search.
Return Data: a boolean that indicates whether data should be returned.
Return Attributes: a boolean that indicates whether attributes should be returned.
Context: additional context data related to the Keychain item.
Inspect the calls to the iOS Keychain and ensure that the intended behavior is being performed.
Steps to Reproduce
This section highlights any activity where the app calls the iOS Keychain. The table in this section displays when keychain items are created, deleted, or queried in some way.
Risk and Regulatory Information
Severity: info
Policy Category: Informational
Application
Evidence
| Name | Class | Match Limit | Return Attributes | Context |
|---|---|---|---|---|
| SecItemCopyMatching | inet | m_LimitAll | 1 | [object Object] |
| SecItemCopyMatching | genp | m_LimitAll | 1 | [object Object] |
| SecItemCopyMatching | cert | m_LimitAll | 1 | [object Object] |

... and 2 more