rspec/rules/S6288/description.adoc


			
				
					
						
						
						
							
							
							Android KeyStore is a secure container for storing key materials, in particular it prevents key materials extraction, i.e. when the application process is compromised, the attacker cannot extract keys but may still be able to use them. It's possible to enable an Android security feature, user authentication, to restrict usage of keys to only authenticated users. The lock screen has to be unlocked with defined credentials (pattern/PIN/password, biometric).

						
						
					
				
				
					
						Reference in New Issue
					
					View Git Blame
					Copy Permalink