GeneXus Community Wiki
Image
Search
TBWelcome
Sign up
Login
Settings
Change Password
Logout
Login
Sign in
Text Block
Logout
OWASP Top 10 2016 Mobile in GeneXus Applications (Android)
Table of contents
Page Id
40815
M1: 2016 - Improper Platform Usage
M2: 2016 - Insecure Data Storage
M3: 2016 - Insecure Communication
M4: 2016 - Insecure Authentication
M5: 2016 - Insufficient Cryptography
M6: 2016 - Insecure Authorization
M7: 2016 - Poor Code Quality
M8: 2016 - Code Tampering
M9: 2016 - Reverse Engineering
M10: 2016 - Extraneous Functionality
...
Page Tools
Add a category
Add a group
Page Info
Also seen in
Other document versions
i
Text Block
Recents:
M2: 2016 - Insecure Data Storage
This documentation is valid for:
OWASP Documentation
Actions by GeneXus
The cryptographic keys are stored on the
Android KeyStore
.
GeneXus allows the developer to
enable/disable the application log
(disabled by default). If the log is enabled (even with Debug Mode On) GeneXus does not write sensitive information on it.
GeneXus does not expose Content Providers or Services and does not allow the developer to do it.
The device Data Base can be encrypted.
Actions by Developers
Use the
SecureSet Method
of the
ClientStorage external object
to persists sensitive data.
Do not add sensitive information to the application log.
Use the
Is Password property
to mask password texts.
Page Id
40817
Anchor
Edit
—
Created: 20 September 2018 -
Last update: 2 October 2018
by
sgrampone
Next:
Next: M3: 2016 - Insecure Communication
Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Sure!
No
Additional feedback?
comment
Thank you for your feedback!
Backlinks
See all
More from sgrampone
See all
Last update: March 2025 | © GeneXus. All rights reserved. GeneXus Powered by Globant
Ask here!