In-app Billing Version 3 API SharedPreferences storage alternative

Question

I'm going through the implementation of Android's In-app Billing Version 3 API, and came across the following warning in Android's sample code:

/*
 * WARNING: on a real application, we recommend you save data in a secure way to
 * prevent tampering. For simplicity in this sample, we simply store the data using a
 * SharedPreferences.
 */

I just need to store a simple flag if the user purchases an item, and using an SQLite database seems like overkill. I was just wondering what my alternatives are, seeing as though it looks like Android advises against using SharedPreferences.

score 0 · Accepted Answer · edited May 23 '17 at 12:12

Storing data locally on the device is generally considered insecure, and it's not too difficult for a user to access and modify their devices shared preference file. There is no silver bullet here, but the recommended approach is to use your own server and communicate using a network connection.

For your purposes however, the simplest "secure" approach would be to encrypt the SharedPreferences data (see this post).

In-app Billing Version 3 API SharedPreferences storage alternative

1 Answers1