If you want to ensure that your programs are more secure, you can use the following measures to improve program security:
1. Do not store sensitive data on external storage devices, such as memory cards. Store the user name and password in the keystore.
2. ContentProvider uses data operations with parameters to prevent SQL injection.
3. The broadcast receiver, activity, and service do not need to be accessed by other programs. In the configuration file, set the attribute android: exported to false.
You must also set filter conditions or add access permissions.
4. Try to use the IP address C2DM instead of sms. Use security protocols to connect to services, such as using Https instead of http.
5. Do not load dynamic code from outside. The source of dynamic code should be trusted, the code can be verified, and encryption measures should be taken.
6. When using WebView, do not use javascript. do not enable javascript to prevent cross-site scripting attacks. Data Transmission
Https is recommended. Do not cache user information.
7. Check all input data before use.
8. Do not store users' sensitive information on the device or transmit it to the network. Storage, the transmission process needs to be encrypted.
9. Do not enter the credential multiple times. We recommend that you use the access token.
10. to encrypt data, you 'd better select an existing encryption algorithm instead of designing the algorithm yourself.