Add-On Security

Encrypted Storage

By default, all the data stored by the SDK on the device is inside the application sandbox. This prevents other applications from accessing the data(both read and write). Though due to compliance standards or any other use cases, you might want additionally encrypt the data stored on the SDK.

To enable this encryption you need to

SDK Installation

Installing using Catalog

Integration using a Version Catalog is the recommended way of integration; refer to the Configure Version Catalog document to configure a catalog if not done already. Once you have configured the catalog add the dependency in the app/build.gradle file as shown below

build.gradle
dependencies {
    ...
    implementation(moengage.bundles.storageEncryption)
implementation("androidx.security:security-crypto:1.1.0-alpha05") }

Alternatively, you can add the dependency using Artifact ID as described in Installation using Artifact ID. However, installation using Catalog ID is the recommended approach as installing using Artifact ID may lead to version mismatch if mapped incorrectly. 

Enabling Encryption

You can enable the storage encryption using the configureStorageSecurity() API in the MoEngage.Builder while initializing the SDK.

Kotlin Java
val moEngage = MoEngage.Builder(this, "YOUR_APP_ID")
    .configureStorageSecurity(StorageSecurityConfig(StorageEncryptionConfig(true)))
    .build()
MoEngage.initialise(moEngage)

Note:

  • If storage encryption is enabled in the initialization without adding the above-mentioned dependencies, SDK wouldn't function i.e. no events/user attributes would be tracked, push notifications would not be shown, etc.
  • Once storage encryption is enabled and a build is released to production(Play Store or other equivalent stores), you should not disable encryption. Disabling the encryption after the build is released will result in a new user being created in the MoEngage system when the user updates the application.

Encrypted Network Communication

By default, we use HTTPS protocol for all requests made from the SDK; HTTPS encrypts the requests by default. MoEngage SDK optionally adds another layer of encryption apart from the encryption done by HTTPS.
To enable this additional encryption, you need to

SDK Installation

If you have enabled Storage encryption, you can skip the installation step and jump to the Enabling Encryption step.

Installing using Catalog

Integration using a Version Catalog is the recommended way of integration, refer to the Configure Version Catalog document to configure a catalog if not done already. Once you have configured the catalog add the dependency in the app/build.gradle file as shown below

build.gradle
dependencies {
    ...
    implementation(moengage.security)
}

Alternatively, you can add the dependency using Artifact ID as described in Installation using Artifact ID. However, installation using Catalog ID is the recommended approach as installing using Artifact ID may lead to version mismatch if mapped incorrectly.

Enabling Encryption

You can enable the network encryption using the configureNetworkRequest() API in the MoEngage.Builder while initializing the SDK.

Kotlin Java
val moEngage = MoEngage.Builder(this, "YOUR_APP_ID")
    .configureNetworkRequest(NetworkRequestConfig(NetworkDataSecurityConfig(true, "YOUR_TEST_ENVIRONMENT_ENCRYPTION_KEY", "YOUR_LIVE_ENVIRONMENT_ENCRYPTION_KEY")))
    .build()
MoEngage.initialise(moEngage)

Note: When using encrypted network communication, we strongly recommend you enable Storage encryption as well.

Network Request Authorization

To enable the network request authorization you need to

SDK Installation

If you have enabled Storage encryption or Encrypted Network Communication, you can skip the installation step and jump to the Enabling Authorization step.

Installing using Catalog

Integration using a Version Catalog is the recommended way of integration, refer to the Configure Version Catalog document to configure a catalog if not done already. Once you have configured the catalog add the dependency in the app/build.gradle file as shown below

build.gradle
dependencies {
    ...
    implementation(moengage.security)
}

Alternatively, you can add the dependency using Artifact ID as described in Installation using Artifact ID. However, installation using Catalog ID is the recommended approach as installing using Artifact ID may lead to version mismatch if mapped incorrectly.

Enabling Authorization

You can enable the network authorization using the configureNetworkRequest() API in the MoEngage.Builder while initializing the SDK.

Kotlin Java
val moEngage = MoEngage.Builder(this, "YOUR_APP_ID", <DATA_CENTER>)
    .configureNetworkRequest(NetworkRequestConfig(NetworkAuthorizationConfig(true)))
    .build()
MoEngage.initialise(moEngage)
info

Note

Adding the above dependency and enabling the flag isn't enough for this feature to work; there is some additional configuration required on our side to enable this feature completely. In case you want to use this feature, reach out to your account manager or drop us an email at support@moengage.com.

Previous

Next

Was this article helpful?
0 out of 0 found this helpful

How can we improve this article?