We are in the process of creating an offline application(for android, uwp & ios) using Xamarin Forms with editing capabilities for the field worker.
The workflow is to download the offline map package (.mmpk file), record/edit records in the field and post it whenever network is restored.
One of the concerns we have is the security of the map package, the data is sensitive and the customer would not like it to be tampered, except by the concerned application.
Is there any workflow to secure this map package?
We're investigating workflows for ArcGIS Pro and ArcGIS Runtime to support aspects such as encryption, password protection, and expiration of mobile map packages. At this time all I can say is these features are on the roadmap.
Any detail on which Arcgis version is going to carry this functionality?
As of now, we are securing the files inside a local password protected DB.Which is extracted on the fly by the application and destroyed upon usage.
It would be nice to hear more about the approach you intend to take, in order to resolve the issue.
I can't share any information yet on password protection / encryption but support for expiration of mmpk files is on the short term roadmap for an upcoming release of ArcGIS Pro (it was included in the ArcGIS Runtime v100.5 API in readiness).
Thank you for the info Michael.
Are there any updates on encryption of mmpk files?
this will be helpful
Generally on iOS and Android, if you store data within the application's own storage area, there's no way for any other app to get at it (unless you explicitly enable that). For Android you should ensure your doesn't allow to be installed on an SD Card (albeit I believe it's still encrypting that area).
I'd suggest you should read up on how Android and iOS stores data securely. They can lock it down much better at the hardware level, than an SDK would ever be able to do, so using the built-in features of the OS is always more secure.
WRT UWP, data is stored in a folder that does require some admin access to get to, but that's about as secure as that gets - once you're elevated to administrator you can do pretty much anything. However you should consider using Bitlocker on the device to encrypt the harddrive and reduce admin access to a select few. Especially with a TPM chip on device, that gets pretty tricky to hack into.
Thank you for your time Morten,
For android and ios secure storage helps but the UWP has been a concern, shall look into your suggestions.