Storage and encryption
Storage
It is strongly recommended to use the internal storage. However, you can override the default storage directory of the Scanbot SDK on initialization.
The ScanbotBarcodeScannerSDKInitializer class provides the method sdkFilesDirectory(Application application, File sdkFilesDirectory) which allows changing the default storage directory.
Example:
import io.scanbot.sdk.barcode_scanner.ScanbotBarcodeScannerSDKInitializer;
// Example for using a sub-folder in the external(!) storage:
File customStorageDir = new File(getExternalFilesDir(null), "my-custom-storage-dir");
customStorageDir.mkdirs();
new ScanbotBarcodeScannerSDKInitializer()
.sdkFilesDirectory(this, customStorageDir)
...
.initialize(this)
When overriding the default storage location, make sure
- you have implemented a suitable storage permissions request handling
- the storage directory is available (e.g. unmounted SD card).
Encryption
By default, encryption for barcode images is disabled.
The Scanbot Barcode Scanner SDK provides the ability to encrypt all stored barcode images in the SDK app folder.
To do this you have to follow the next steps:
- Add the Scanbot SDK Crypto Persistence library to your app dependencies
implementation("io.scanbot:barcode-sdk-crypto-persistence:VERSION")
- Enable file encryption in
ScanbotBarcodeScannerSDKInitializer
ScanbotBarcodeScannerSDKInitializer()
.useFileEncryption(true)
.initialize(this)
And that's it!
The default Encryptor implementation uses the AndroidX Crypto solution under the hood.
More info can be found here: https://developer.android.com/privacy-and-security/security-tips
The file encryptor uses AES256_GCM_HKDF_4KB file encryption scheme. More info here: https://developer.android.com/reference/kotlin/androidx/security/crypto/EncryptedFile.FileEncryptionScheme
There are a few limitations of encryption libraries usage:
security-cryptoandsecurity-identity-credentialAndroidX libraries are still in development and have an Alpha version- Version 1.1.0-alpha02 of the Security library is supported on devices that run Android 7.0 (API level 24) and higher.
Furthermore, the Scanbot SDK provides a custom AES based encryption solution io.scanbot.sdk.persistence.fileio.AESEncryptedFileIOProcessor.
To enable it you have to set it in the SDK initializer in the useFileEncryption() method:
.useFileEncryption(true, AESEncryptedImageFileIOProcessor("any_user_password", AESEncryptedFileIOProcessor.AESEncrypterMode.AES256))
AESEncryptedFileIOProcessor does not save the password in any secure storage between app sessions, so you have to implement this by yourself and reuse it for SDK initialization.
The Scanbot SDK allows setting up a completely custom encryption implementation.
To do this you have to implement io.scanbot.sdk.persistence.fileio.FileIOProcessor interface and pass it to the useFileEncryption(true, your_file_io_processor) method.
An instance of FileIOProcessor will be available during the app session and the user can use it to read and copy decrypted image files and Bitmaps.
For example:
val scanbotBarcodeScannerSDK = ScanbotBarcodeScannerSDK(context)
val decryptedImageBitmap: Bitmap = scanbotBarcodeScannerSDK.fileIOProcessor().readImage(source: File, options: BitmapFactory.Options? = null)
Want to scan longer than one minute?
Generate a free trial license to test the Scanbot SDK thoroughly.
Get your free Trial LicenseWhat do you think of this documentation?
What can we do to improve it? Please be as detailed as you like.