Should I protect (encrypt) my app's database or is it automatically protected from other apps?

security ios iphone encryption

My app asks the user several questions then stores all the answers in a local sqlite database file (e.g. answers.db). No data is transmitted outside the phone but answers are stored to let the user reflect on her old/previous answers on a monthly/yearly basis. Some answers may include highly confidential / sensitive information (e.g. religion, health, etc.) and I am worried this file may pose a risk.

Can other apps installed in the same iPhone read this sqlite file? And can a file explorer copy/paste this file if the user connects the iPhone to her computer?

In summary: should I manually encrypt my app files or is Apple automatically taking care of this? I have browsed Apple security documentation and this information is difficult to find (for me).

Anyone knows?


Solution 1:

You must actively encrypt sensitive data. This is the only way you can reliably manage the risk involved.

Every iOS application's data is stored within a container. In theory only your application and the operating system can access the contents of this container.

You can opt for the operating system to handle the encryption for your app:

Encrypting Your App’s Files

Protect the user’s data in iOS by encrypting it on disk.

Overview

Data protection is an iOS feature that you use to secure your app’s files and prevent unauthorized access to them. Data protection is enabled automatically when the user sets an active passcode for the device. You read and write your files normally, but the system encrypts and decrypts your content behind the scenes. The encryption and decryption processes are automatic and hardware accelerated.

Files containing personal information about the user, or files created directly by the user, always warrant the strongest level of protection. Assign the complete protection level to user data files and manage access to those files using the app delegate methods. The app delegate methods give you time to close the files before they become inaccessible to your app.

Related

Rstudio Server in Mac Mojave
Need to update Make on Catalina, other brew related answers are out of date
tracing stuck local to local mails in macOS
MacBook Pro: "Zero bytes left on iCloud" even after upgrading storage plan
Mac Mini Sleeping When Idle
What is the probability of a random natural number being a power of $10$
graph-theory problem about outdegree and indegree
Induction problem: a formula for $\sum_{i=1}^n i(i+1)$
Technique for finding the nth term
Find the coefficient of the term $x^2$ in $\left(x+\frac 2x\right)^{4}$
How to factor polynomials in $\mathbb{Z}_n$?
Proof of divisibility with combinatorics