Amandeep Kaur (Amandeep)
Pega Developer
Amandeep Member since 2013 6 posts
Posted: September 8, 2020
Last activity: September 8, 2020
Posted: 8 Sep 2020 1:35 EDT
Last activity: 8 Sep 2020 1:50 EDT

Pega Mobile App - v 8.1.2

Hi All,

We are using Pega mobile app v8.1.2 and got results of our penetration testing.The concerns were raised around the storage of application documents. Can anyone please suggest how to achieve this?

Problem statement: Mobile apps should store all their files within their own directories that only the app has visibility of, due to strict file/folder permissions inherent to the Android file system. In some cases, permissions may be loosened within an app’s file structure allowing other apps visibility into the contents of the files and folders.   Additionally, storing files on the /sdcard partition is insecure, as all apps have visibility of the files within this partition. 

Recommendation:  • Ensuring all files and folders only allow the app’s user/group read/write permissions 


Pega Mobile Client Case Management Government