Storing Payment Data On iOS: My Take
Do you know what I’ll say
In an interview or during your usual work, you might need to think about how you would store user credentials. You might even go so far as to consider how you might store payment data.
Let’s take a look at this in a little bit of detail.
The ideas
My intuition for most security questions on the device is this:
- don’t store it unless you really have to
Particularly when it comes to payment data. In terms of retail Apps I would encourage most product owners to look at using a third-party payment solution (Stripe is excellent) and although the payment process can look native (you’re not sending a user to a website for example) you aren’t actually processing the payment on device and certainly shouldn’t be storing the details on the device at all.
This removes the security aspects of needing to store payment data on a device (and answers further questions about transportation if the user has several iOS devices or an iPhone and an iPad, for example).
I will concede that there is some data you might want to store on device and keep secure. There might even be some cases where you want to store payment details and the like in your App and you are responsible for…
