[FEATURE REQUEST] Local data encryption
domportera opened this issue · 5 comments
Is your feature request related to a problem? Please describe.
Quite often these applications are used to scan highly sensitive documents (esp Card Wallet) - existing on-device unencrypted can be a security risk
Describe the solution you'd like
Local database encryption by default for scanned-but-not-exported documents/cards
option to export PDFs with password
The easiest development-wise might be to have the user be able to set a global password, stored locally (encrypted via fingerprint/Android unlock) and have this global password apply to everything exported
Describe alternatives you've considered
An application to encrypt once exported, though no alternative solution can exist for the apps' internal scans outside
Additional context
I'm a big fan of OSS card wallet and my suggestion largely stems from that, as I am keeping these files for as long as my phone lives. I'd like it to be as secure as possible
I have not checked the source to see if you are using file-based encryption already for application files, so ignore that part if you are!
Thanks!! Love your work
@domportera thanks for the feature request.
Right now the data is not encrypted and could be easily accessed. Files (images) are written on disk for optimized access and memory usage (no need to load the full image in memory like I would have to do if the image was in the SQLite database).
Not sure how to solve this right now but it is a great feature idea.
I think if you choose in the settings to store data on the internal storage it would already be more secure as you would need to be root to access the data.
PS: the level of "security" right now is about the same as the photos in your gallery.
yeah that makes sense. really I'd say the level of security is at least more secure than the gallery 😅 DCIM folder permissions etc etc. So this isn't urgent.
It doesn't have to be a database implementation, I just assumed that's how you organized the cards. If the Android file encryption system I linked isn't quite straightforward to seamlessly implement I get that - trading off usability for this security is likely not worth it.
however exporting/importing with a PDF password should be more straightforward I think, and would cover a fair amount of security concerns by itself for most users
@domportera Yes, I will look at PDF with a password. Will also sync about encryption