android-security

How to save Oauth Access token securely in android

青春壹個敷衍的年華 submitted on 2019-12-03 07:01:30
Question: I have an access token from the server after authentication, let's say "uyhjjfjfgg567f8fhjkkf"; now I want to save it on the device securely. I looked at Keystore and Keychain on the Android developer sites. I don't clearly understand how it works and how we should retrieve the token from the keystore. KeyPairGenerator kpg = KeyPairGenerator.getInstance( KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore"); kpg.initialize(new KeyGenParameterSpec.Builder( alias, KeyProperties.PURPOSE_SIGN | KeyProperties

Google Play Warning: WebViewClient.onReceivedSslError handler

筅森魡賤 submitted on 2019-12-03 06:10:17
Question: I recently received an email from Google with the following subject: "Google Play Warning: SSL Error Handler Vulnerability". In this email, Google explains that my app has an ["unsafe implementation of the WebViewClient.onReceivedSslError handler. Specifically, the implementation ignores all SSL certificate validation errors, making your app vulnerable to man-in-the-middle attacks. An attacker could change the affected WebView's content, read transmitted data (such as login credentials),

You are using an unsafe implementation of X509TrustManager

假如想象 submitted on 2019-12-03 04:32:37
Question: I have an app in Google Play. Today I received a mail from Google saying: "Google Play warning: You are using an unsafe implementation of X509TrustManager". It says something about SSL certificate issues and a way to solve the issue. I'm asking this question out of curiosity: what is this warning actually all about? I'm not using any network-related activities in my app (it's a local database driven app), so why did this warning occur for my app? More Details: My app was built using

How to save Oauth Access token securely in android

雨燕双飞 submitted on 2019-12-02 21:49:50
I have an access token from the server after authentication, let's say "uyhjjfjfgg567f8fhjkkf"; now I want to save it on the device securely. I looked at Keystore and Keychain on the Android developer sites. I don't clearly understand how it works and how we should retrieve the token from the keystore. KeyPairGenerator kpg = KeyPairGenerator.getInstance( KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore"); kpg.initialize(new KeyGenParameterSpec.Builder( alias, KeyProperties.PURPOSE_SIGN | KeyProperties.PURPOSE_VERIFY) .setDigests(KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA512) .build()); KeyPair

You are using an unsafe implementation of X509TrustManager

这一生的挚爱 submitted on 2019-12-02 17:43:39
I have an app in Google Play. Today I received a mail from Google saying: "Google Play warning: You are using an unsafe implementation of X509TrustManager". It says something about SSL certificate issues and a way to solve the issue. I'm asking this question out of curiosity: what is this warning actually all about? I'm not using any network-related activities in my app (it's a local database driven app), so why did this warning occur for my app? More Details: My app was built using Appcelerator Titanium and Google says this implementation is in ti.modules.titanium.network

Google Play Error: SSL Error Handler vulnerabilities and APP UPDATE REJECTED

我的梦境 submitted on 2019-12-02 06:40:40
Question: How do I solve the error below from the Google Play Store after my APK was rejected? "Your APK has been rejected for containing security vulnerabilities, which violates the Malicious Behavior policy SSL Error Handler" Answer 1: Look at the rejection message. It will point to the class that is at fault. If you have a WebViewClient, then make sure you implement the onReceivedSslError() method. Here are more details: https://support.google.com/faqs/answer/7071387 Source: https://stackoverflow.com/questions/41236517

System Overlay Detector

♀尐吖头ヾ submitted on 2019-12-01 22:18:41
Is there a way to detect within my own app that a Screen Overlay is currently present? For example, I see in the settings that they detect it: I would like to know if there is a way to detect it myself within my own app. The Android View documentation offers clear ways: To enable touch filtering, call setFilterTouchesWhenObscured(boolean) or set the android:filterTouchesWhenObscured layout attribute to true. When enabled, the framework will discard touches that are received whenever the view's window is obscured by another visible window. As a result, the view will not receive touches whenever a

Caused by: java.security.NoSuchProviderException: no such provider: Crypto - Android N [duplicate]

孤人 submitted on 2019-12-01 21:35:24
This question already has an answer here: SecureRandom provider "Crypto" unavailable in Android N for deterministically generating a key (3 answers). It seems the "Crypto" provider has been removed in Android N. My application is crashing because of a NoSuchProviderException. If I change the provider and algorithm, it will affect the users who are currently using the app. Does anyone have an idea? KeyGenerator kGen = KeyGenerator.getInstance(KEY_GENERATOR_ALGORITHM); SecureRandom sr = SecureRandom.getInstance(STR_SHA1PRNG, **CRYPTO**); sr.setSeed(seed); kGen.init(128, sr); SecretKey sKey = kGen.generateKey

FCM Security Alert

对着背影说爱祢 submitted on 2019-12-01 14:45:33
Security alert: Your app contains exposed Google Cloud Platform (GCP) API keys. Please see this Google Help Center article for details. I have an Android application uploaded to the Google Play Store which uses Firebase for App Cloud Messaging on Android. I recently got an alert from the Play Console: "Security alert: Your app contains exposed Google Cloud Platform (GCP) API keys. Please see this Google Help Center article for details." Could anyone please tell me how to resolve this issue? Thanks in advance. Hi, this warning would come because the Google Cloud Platform API key you are using in

FCM Security Alert

落花浮王杯 submitted on 2019-12-01 13:09:02
Question: Security alert: Your app contains exposed Google Cloud Platform (GCP) API keys. Please see this Google Help Center article for details. I have an Android application uploaded to the Google Play Store which uses Firebase for App Cloud Messaging on Android. I recently got an alert from the Play Console: "Security alert: Your app contains exposed Google Cloud Platform (GCP) API keys. Please see this Google Help Center article for details." Could anyone please tell me how to resolve this issue?