Securing Data on a Mobile Device
Phones are lost, stolen and shared. Any sensitive information your app stores or transmits must be protected so that, even if a device falls into the wrong hands, your users' data stays safe.
Mobile security is a combination of how data is stored, how it travels, and how access is controlled — each layer matters.
Why Mobile Needs Special Care
A phone is far more exposed than a server in a data centre. It can be lost, stolen, sold on or shared, and it connects through public Wi-Fi you do not control. That reality shapes how we handle any sensitive information: we assume the device itself may fall into the wrong hands and design so that, even then, your users' data stays protected and unreadable.
Layers of Protection
- In transit: all communication encrypted so it cannot be intercepted.
- At rest: sensitive data encrypted and stored in the platform's secure keystore.
- Access: requiring a login or biometric check for sensitive screens.
- Minimisation: not storing what we do not truly need.
Our Standard Approach
We store credentials in the device keychain or keystore rather than plain files, encrypt sensitive local data, and never log secrets. The safest data is the data we never keep, so we keep only what is necessary.
Frequently Asked Questions
Is the data safe if the phone is stolen?
With proper encryption and device-level protection, sensitive data remains unreadable to anyone without the user's credentials.
If you need a hand with any of this, your Progressive Robot delivery team is ready to help. Raise a ticket from the Support area of your client portal or speak to your account manager and we will guide you through the next steps.