For the offline mobile application, the user data is stored on the phone. I was wondering if this data is easily accessible of if it is stored in a manner that only the mobile app can use it. The user case behind the question is should I store personal detail information in the offline app, or is this a potential security threat. Ideally the information is only accessible after entering an application PIN code in a manner that is also used by the banking mobile applications.
We store the data inside the 'datadirectory' of the app. This protects the data from other apps and outside users. Once you start the app you'll have to login before you can see the data, unless you have enabled Anonymous sessions.