0

In my application i have to take image using camera and save it. Is it possible to save these images to database as it should be secure. Or is there any way to save image in sd card in a way that other application cant view it Please give some advice and thanks in advance.

Lucifer
  • 29,392
  • 25
  • 90
  • 143
Jithin Sunny
  • 3,352
  • 4
  • 26
  • 42
  • Do not consider your image being "safe" at any place on an Android phone. If it is rooted, you'll have no chance to hide anything. Please check out this answer INCLUDING the discussion below: http://stackoverflow.com/questions/12211255/in-app-billing-how-to-store-information-that-user-has-paid/12211511#answer-12211511 – Nippey Nov 09 '12 at 06:28

3 Answers3

3

You can save it to database, but it is not recommended since the SQL Lite database is not intented for this purpose.

Its better to save the image to the cache directory of your application so that no other application can access it unless the device is rooted.

You can use : 

context.getCacheDir()

to get the path to cache directory.

Eldhose M Babu
  • 14,382
  • 8
  • 39
  • 44
  • 1
    Just one more thing, even in case of rooted devices, we can make a little change on the part of image format, so that other applications can not recognize these are images. Then when we read back to app, just restore from these changed bits. You got very simple encryption :) – toantran Nov 09 '12 at 06:19
  • @autobot_101 : Great until somebody reverse-engineers your app or, probably simpler, reverse-engineers one of the images to discover the "little change". – Squonk Nov 09 '12 at 06:32
  • @Squonk : I think Sunny is not looking for that much security. If its like that, the client side saving is not recommended. Then the data should be saved at server side. – Eldhose M Babu Nov 09 '12 at 06:41
  • @EldhoseMBabu : "I think Sunny is not looking for that much security." In my experience of Android questions of this sort here on stackoverflow, the OP usually really IS asking how to completely secure their app's data from other applications. I agree that more complete security requires moving data off the phone to a server but that relies on the app having a "server side". – Squonk Nov 09 '12 at 06:51
  • @Squonk : Then what do you think as a better solution for this case? – Eldhose M Babu Nov 09 '12 at 08:38
0

Using camera and save the image is done by this http://code.google.com/p/crw-cmu/source/browse/luis/PhotoIntentActivity/src/com/example/android/photobyintent/PhotoIntentActivity.java?r=734

It will take the image from the camera and save it to sd card. I would suggest this way if your image has a big size , else you can save it your database. Also, if you do not want to be not viewed by other application save the image inside data folder in your application so that only your app can access.

John Smith
  • 2,668
  • 7
  • 30
  • 34
0

If you are thinking about saving an image to a database then you may as well save it to the internal memory and save the path to it in a database. Be aware that if a phone is rooted then any application can access the internal storage area of your app.

There is no way to secure files on the SD card from other applications unless you encrypt them. In this case, you'll need to embed security keys (obviously) and if somebody reverse-engineers your app then the encryption is compromised.

In short - nothing is secure on a rooted phone and securing data on SD card is not guaranteed.

Squonk
  • 48,735
  • 19
  • 103
  • 135