Question #265MediumFlutter BasicsImportant

How flutter secure storage plugin stores the key in both android and iOS ?

#flutter#storage#android#ios

Answer

Flutter Secure Storage Plugin

flutter_secure_storage uses platform-specific secure storage:

Android Implementation

Uses Android Keystore (hardware-backed when available):

java
// Under the hood - Android code
KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
keyStore.load(null);
SecretKey key = (SecretKey) keyStore.getKey("key_alias", null);

Process:

  1. Data encrypted with AES key
  2. Key stored in AndroidKeystore
  3. Key protected by device lock screen
  4. Hardware acceleration if available

iOS Implementation

Uses iOS Keychain:

swift
// iOS Keychain - secure by default
SecurityClass: kSecClassGenericPassword
AccessibleAttribute: kSecAttrAccessibleWhenUnlockedThisDeviceOnly

Process:

  1. Data encrypted and stored in Keychain
  2. Protected by device passcode
  3. Hardware-backed on modern devices
  4. Requires authentication to access

Comparison

FeatureAndroidiOS
StorageAndroidKeystoreKeychain
EncryptionAESHardware
HardwareWhen availableAlways
Access ControlDevice lockBiometric/Passcode

Usage

dart
final storage = FlutterSecureStorage();

await storage.write(key: 'token', value: 'secret_token');
final token = await storage.read(key: 'token');
await storage.delete(key: 'token');

Security: Both methods are cryptographically secure.

Previous
how to securely store the access token , refresh token or any key in android , ios device ?
Next
What is the difference between hive , objectbox , sqlite database in flutter ?

Related Questions

#1

Data types in flutter or dart

Easy
#2

Diff btw final & const

Medium
#3

Diff btw var vs dynamic

Medium
#5

Oops concept

Medium
#6

Lifecycle of stateful widget and explain everything

Medium