biometric_storage icon indicating copy to clipboard operation
biometric_storage copied to clipboard
verified publisher icon authpass

StrongBox reliability uncertainty

Open luckyrat opened this issue 3 years ago • 0 comments

I have no concrete data on this but while debugging something that was probably unrelated in the end, I found a number of concerning discussions relating to the reliability of the Android StrongBox feature.

https://github.com/wultra/powerauth-mobile-sdk/issues/354

https://github.com/beemdevelopment/Aegis/issues/87

https://github.com/mogol/flutter_secure_storage/pull/225

https://github.com/forcedotcom/SalesforceMobileSDK-Android/blob/dev/libs/SalesforceSDK/src/com/salesforce/androidsdk/security/KeyStoreWrapper.java#L231

On my Kee Vault branch I have temporarily rolled back the enabling of this feature since I don't currently have the time or sufficient Android devices to test it thoroughly enough while I'm focussed on other more urgent fixes and enhancements.

Just thought I should mention this here in case anyone else is using the unreleased main branch at the moment (and since the strongbox change isn't mentioned in the pre-release changelog yet).

luckyrat avatar Jul 11 '22 23:07 luckyrat