Monaca Secure Storage

This plugin provides an encrypted data storage function. If the application is uninstalled, saved data will also be deleted.

In order to use this plugin, you are required to subscribe to a valid plan. Please refer to Monaca Subscription Plans.

This plugin is not available for custom build debuggers. If you want to check the operation, you need to debug build the app.

Supported Platforms

  • Cordova 7.1 or later

  • iOS 9 or later

  • Android 4.1 or later

If you want to support iOS 13 or later, you need to use version 2.2.0 or later.

Encryption Scheme

  • Encryption Method: AES

  • Key Length: 256 bits

Adding the Plugin in Monaca Cloud IDE

  1. From Monaca Cloud IDE menu, go to Configure → Cordova Plugin Settings.

  2. Under Available Plugins section, hover over the SecureStorage plugin and click Enable button.

Methods

Method

Description

Set Data

Save data into the storage by specifying the key and value. The boolean callback will notify whether the data is successfully saved (True) or failed to save (false).

plugins.secureStorage.setItem(key, value, function(result) {

// result: true=success, false=error

});

Get Data

Retrieve data associated with the specified key. The callback will return the intended data if the key is found; otherwise, a null value will be return.

plugins.secureStorage.getItem(key, function(value) {

// value: null = no such a value

});

Delete Data

Delete the data associated with a specified key. The boolean callback will notify whether the data deletion is successful (True) or failed (false).

plugins.secureStorage.removeItem(key, function(result) {

// result: true=success, false=error

});

Delete All Data

Delete all data in the storage. The boolean callback will notify whether the data deletion is successful (True) or failed (false).

plugins.secureStorage.clear(function(result) {

// result: true=success, false=error

});

App Store Submission

In this plugin, we use the encryption library of iOS SDK. Therefore, in order to release the built app embedded this plugin to the App Store, you need to set 2 options when you submit your app for a review. Under the Export Compliance section, please choose "Yes" for both questions as shown in the screenshot below:

Change of Data Storage Method

This feature is available in version 2.0.0 and later.

Change the storage method of encrypted data. This change can enhance security. Data saved by the Secure Storage Plugin can only be read by the saved device. If the application is launched on another terminal, eg, backed up The data saved by this plugin is different from the saved terminal and can not be read.

If you change the storage method, please note that you can not restore it. Data saved in "Static" mode can not be retrieved in "Individual" mode. Also, data saved in "Individual" mode can not be retrieved in "Static" mode.

How to set

Security is enhanced as the individual mode by adding the following settings to config.xml.

<preference name="SecureStorageMode" value="individual" />

About data migration from plugin version 1.x

Data saved with version 1.x is automatically migrated to the specified mode. As an example, if data saved in version 1.x is processed in version 2.x (static mode), data handled in version 1.x will be migrated in static mode.

Please note that if you change the mode from Static to Individual while using version 2.x, data can not be acquired.

See Also:

Privacy Manifest

The privacy manifest required by this plugin is as follows. (cordova-ios 7.1.0 or greater)

<platform name="ios">
  <privacy-manifest>
    <key>NSPrivacyTracking</key>
    <false/>
    <key>NSPrivacyTrackingDomains</key>
    <array/>
    <key>NSPrivacyAccessedAPITypes</key>
    <array>
    <dict>
      <key>NSPrivacyAccessedAPIType</key>
      <string>NSPrivacyAccessedAPICategoryUserDefaults</string>
      <key>NSPrivacyAccessedAPITypeReasons</key>
      <array>
      <string>CA92.1</string>
      </array>
    </dict>
    </array>
    <key>NSPrivacyCollectedDataTypes</key>
    <array/>
  </privacy-manifest>
</platform>

For more information on how to write a manifesto, see https://en.docs.monaca.io/release_notes/privacy-manifest-requirement-for-ios-apps#setting-up-the-privacy-manifest .

Last updated