Open wojciodataist opened 5 months ago
Thank you for reaching out to the Native Checkout SDK team. This integration path is now inactive for new merchants. If you are an existing merchant, please contact us here for further assistance.
New merchants can integrate the Native Checkout experience via the Braintree Android SDK or PayPal Android SDK. For more information please see their respective developer documentation linked below.
Hi,
I'm performing a security tests on an android mobile app that uses android-checkout-sdk. While doing code analysis of the app I've stumbled upon an issue with:
The file or SharedPreference is World Writable. Any App can write to the file
which is a standard of: CWE-276: Incorrect Default Permissions OWASP Top 10: M2: Insecure Data Storage OWASP MASVS: MSTG-STORAGE-2The issue is stored in
com/paypal/pyplcheckout/data/repositories/cache/Cache.java
Is this something that we should take care of on our side? If so, then maybe you have some suggestions what can be done?