A tiny lib (Less than 10 methods) to store constants where attackers will have a harder time to find.
This library uses an annotationProcessor to store the constants in a new file (where the constants are encrypted), and via JNI it will later retrieve them decoding them inside the .so file.
This way the attackers cant know the encoding system (because its inside the annotation processor), neither the decoding.
The MSAL library for Android gives your app the ability to begin using the Microsoft Cloud by supporting Microsoft Azure Active Directory and Microsoft Accounts in a converged experience using industry standard OAuth2 and OpenID Connect. The library also supports Azure AD B2C.
Storing Credentials securely on a Device is a must. To make that possible we have combined the Android Keystore for generating Cryptographic keys, and storing them securely and using those keys we encrypt the credentials and save them in the SharedPreferences.
Encryptor4j consists of a set of wrapper and utility classes that make leveraging cryptography in your application alot easier.
It enables developers to encrypt and decrypt with little room for error, using few lines of code and supports all popular encryption algorithms such as AES, DES, RSA etc.
One tool to manage key generation, key storing and encryption on different APIs of Android.
As you may know android provided API to use
keystore that is stored in system only from API 18. They introduced AndroidKeyStore provider that is responsible to manage this.
But as always there are underwater stones. Up to API 23 you are only able to create asymmetric keys using
AndroidKeyStore provider. Also algorithms that you can use are limited. And what about devices below API 18 ?
This project provides API that wraps default JCA api and
AndroidKeyStore API and makes it easy to create, manage and use your keys on any andorid API.
A sample application that can be used as a template for implementing Mobile Two Factor Auth
The major drawback of authentication performed including something that the user possesses is that the physical token (the USB stick, the bank card, the key or similar) must be carried around by the user, practically at all times. Loss and theft are a risk. There are also costs involved in procuring and subsequently replacing tokens of this kind. In addition, there are inherent conflicts and unavoidable trade-offs between usability and security.
AndroidTampering is a library that provides an extra layer of security to your Android application. This library protects your application against simple tampering attacks. Please note that this protection methods can also be hacked. So, besides the tampering protection, don't forget to add all the other security recommendations.