Monaca Secure Storage

This plugin provides an encrypted data storage function. If the application is uninstalled, saved data will also be deleted.

In order to use this plugin, you are required to subscribe to a valid plan. Please refer to Monaca Subscription Plans .

Supported Platforms

  • Cordova 4.1 or later
  • iOS
  • Android

Encryption Scheme

  • Encryption Method: AES
  • Key Length: 256 bits

Adding the Plugin in Monaca Cloud IDE

  1. From Monaca Cloud IDE menu, go to Configure → Cordova Plugin Settings .

  2. Under Available Plugins section, hover over the the SecureStorage plugin and click Enable button.

Methods

Method Description
Set Data Save data into the storage by specifying the key and value. The boolean callback will notify whether the data is successfully saved (True) or failed to save (false).
plugins.secureStorage.setItem   (key, value, function(result) {
// result: true=success, false=error
});
Get Data Retrieve data associated with the specified key. The callback will return the intended data if the key is found; otherwise, a null value will be return.
plugins.secureStorage.getItem(key, function(value) {
// value: null = no such a value
});
Delete Data Delete the data associated with a specified key. The boolean callback will notify whether the data deletion is successful (True) or failed (false).
plugins.secureStorage.removeItem(key, function(result) {
// result: true=success, false=error
});
Delete All Data Delete all data in the storage. The boolean callback will notify whether the data deletion is successful (True) or failed (false).
plugins.secureStorage.clear(function(result) {
// result: true=success, false=error
});

App Store Submission

In this plugin, we use the encryption library of iOS SDK. Therefore, in order to release the built app embedded this plugin to the App Store, you need to set 2 options when you submit your app for a review. Under the Export Compliance section, please choose “Yes” for both questions as shown in the screenshot below:

Change of data storage method

This feature is available in version 2.0.0 and later.

Change the storage method of encrypted data. This change can enhance security. Data saved by the Secure Storage Plugin can only be read by the saved device. If the application is launched on another terminal, eg, backed up The data saved by this plugin is different from the saved terminal and can not be read.

If you change the storage method, please note that you can not restore it.
Data saved in "Static" mode can not be retrieved in "Individual" mode.
Also, data saved in "Individual" mode can not be retrieved in "Static" mode.

How to set

Security is enhanced as the individual mode by adding the following settings to config.xml.

<preference name="SecureStorageMode" value="individual" />

About data migration from plugin version 1.x

Data saved with version 1.x is automatically migrated to the specified mode. As an example, if data saved in version 1.x is processed in version 2.x (static mode), data handled in version 1.x will be migrated in static mode.

Please note that if you change the mode from Static to Individual while using version 2.x, data can not be acquired.

See Also: