Kennyhu/mob 18 encrypt sensitive data in device storage from radar sdk

[KennyHuRadar]

Decisions and considerations. We are adding a new android x dependency for encrypted shared preferences. We have decided to use the interface of the long term stable version, like Okta and Stripe. This implementation choice was picked over the alternative of using shared preference with in-house crypto library (high risk and engineering effort) and migrating off shared preferences (high effort).

Risk of dependency conflicts are mitigated via using a version of the dependency used by other SDKs and also allowing devices running earlier versions of android to use the regular shared preferences.

Currently implementing with bump in minimum deploy target to SDK 23. Based on data on customers, we determined that the impacts are small.

• only 0.4% of all historical users will be impacted
• If we only consider users that were active in the last year, there will be an even smaller impact. in particular: -- there are only 2 customer who have more than 100 users that will be impacted. -- the percentage of users impacted for each customer is about 0.2%.

Added a fake key store to pass unit test per suggestion of (this is a workaround and there does not seem to be an offical support for AndroidKeyStore within the test suite)

• https://stackoverflow.com/questions/38213748/using-the-android-keystore-in-robolectric-tests
• https://proandroiddev.com/testing-jetpack-security-with-robolectric-9f9cf2aa4f61 -https://github.com/robolectric/robolectric/issues/1518

[KennyHuRadar]

waypoint build: https://expo.dev/accounts/radarlabs/projects/waypoint/builds/86a7e0b0-103a-4171-9067-1a9e6ae7d9b3