Monaca Secure Storage
This plugin provides an encrypted data storage function. If the application is uninstalled, saved data will also be deleted.
Supported Platforms
Cordova 7.1 or later
iOS 9 or later
Android 4.1 or later
Encryption Scheme
Encryption Method:
AESKey Length:
256bits
Adding the Plugin in Monaca Cloud IDE
From Monaca Cloud IDE menu, go to
Configure → Cordova Plugin Settings.Under Available Plugins section, hover over the
SecureStorageplugin and clickEnablebutton.
Methods
Method
Description
Set Data
Save data into the storage by specifying the key and value. The boolean callback will notify whether the data is successfully saved (True) or failed to save (false).
plugins.secureStorage.setItem(key, value, function(result) {
// result: true=success, false=error
});
Get Data
Retrieve data associated with the specified key. The callback will return the intended data if the key is found; otherwise, a null value will be return.
plugins.secureStorage.getItem(key, function(value) {
// value: null = no such a value
});
Delete Data
Delete the data associated with a specified key. The boolean callback will notify whether the data deletion is successful (True) or failed (false).
plugins.secureStorage.removeItem(key, function(result) {
// result: true=success, false=error
});
Delete All Data
Delete all data in the storage. The boolean callback will notify whether the data deletion is successful (True) or failed (false).
plugins.secureStorage.clear(function(result) {
// result: true=success, false=error
});
App Store Submission
In this plugin, we use the encryption library of iOS SDK. Therefore, in order to release the built app embedded this plugin to the App Store, you need to set 2 options when you submit your app for a review. Under the Export Compliance section, please choose "Yes" for both questions as shown in the screenshot below:
Change of Data Storage Method
Change the storage method of encrypted data. This change can enhance security. Data saved by the Secure Storage Plugin can only be read by the saved device. If the application is launched on another terminal, eg, backed up The data saved by this plugin is different from the saved terminal and can not be read.
If you change the storage method, please note that you can not restore it. Data saved in "Static" mode can not be retrieved in "Individual" mode. Also, data saved in "Individual" mode can not be retrieved in "Static" mode.
How to set
Security is enhanced as the individual mode by adding the following settings to config.xml.
<preference name="SecureStorageMode" value="individual" />About data migration from plugin version 1.x
Data saved with version 1.x is automatically migrated to the specified mode. As an example, if data saved in version 1.x is processed in version 2.x (static mode), data handled in version 1.x will be migrated in static mode.
Please note that if you change the mode from Static to Individual while using version 2.x, data can not be acquired.
See Also:
Privacy Manifest
The privacy manifest required by this plugin is as follows. (cordova-ios 7.1.0 or greater)
<platform name="ios">
<privacy-manifest>
<key>NSPrivacyTracking</key>
<false/>
<key>NSPrivacyTrackingDomains</key>
<array/>
<key>NSPrivacyAccessedAPITypes</key>
<array>
<dict>
<key>NSPrivacyAccessedAPIType</key>
<string>NSPrivacyAccessedAPICategoryUserDefaults</string>
<key>NSPrivacyAccessedAPITypeReasons</key>
<array>
<string>CA92.1</string>
</array>
</dict>
</array>
<key>NSPrivacyCollectedDataTypes</key>
<array/>
</privacy-manifest>
</platform>For more information on how to write a manifesto, see https://en.docs.monaca.io/release_notes/privacy-manifest-requirement-for-ios-apps#setting-up-the-privacy-manifest .
Last updated
Was this helpful?