I’m considering using secure storage for a application where security is very important. Will a store created by my application be accessible from another application? Or, when an application creates a store it is only accessible from the creating application. I know I’ll be asked this question during a security review.
Thanks, Donta
Short answer: no.
Longer answer: The first question you need to ask is whether you trust the device owner. I would call it “virtually impossible” to keep secrets from the device owner, so if you are trying to do that, I would suggest redesigning things so as not to store sensitive information on the device. Anybody with physical access to the phone in an unlocked state is equivalent to “device owner” for the purposes of this discussion.