Storing and encrypting data with the React Native Data Capture SDK
The Scanbot SDK uses internal secure storage locations for all produced files (JPG, PDF, TIFF, etc.) by default.
-
On Android, all files will be stored in the internal files directory of your application. No permissions are required for your app to read or write files in this directory.
-
On iOS, all files will be stored in the Application Support folder of your application.
Customizing the storage location
It is strongly recommended to use the default storage location.
However, you can override the base storage directory on initialization of the SDK. The initializeSDK method can take an optional parameter storageBaseDirectory to set a custom storage location.
loading...
The value of the storageBaseDirectory must be a file URL ('file:///...) pointing to a valid platform-specific file system path. If the directory does not exist yet, the plugin will try to create it.
When overriding the default storage location, make sure
- you have implemented a suitable storage permissions request handling on Android,
- you fully understand the consequences regarding the accessibility (security) of the produced document files.
👉 For more details about storage locations on Android and iOS, please refer to:
Storage cleanup
The Scanbot SDK does not have an automatic file clean mechanism, since only your app can decide when the perfect time is to remove the image files produced by the SDK.
To avoid storage space issues caused by too many produced image files, we strongly recommend implementing a suitable cleanup functionality based on the requirements of your app.
The SDK provides the following helper method to keep the storage clean:
- ScanbotSDK.removePage({page}) method to delete a specific
Pageobject with all its files. - ScanbotSDK.cleanup() method to remove all generated files by this plugin – scanned and imported images, document page files, barcode images, export files like PDF, TIFF, etc.
Storage encryption
The Scanbot SDK provides the ability to store the generated image and document files (JPG, PDF, TIFF) encrypted. This feature provides an additional level of security to the default secure storage locations of the native SDKs.
By default, file encryption is disabled. To enable it, pass the following config parameters on SDK initialization:
fileEncryptionPassword: A secure password or passphrase to derive the AES key for encryption/decryption.fileEncryptionMode: The encryption mode, eitherAES128orAES256(default and recommended).
loading...
By activating storage encryption, the native Scanbot SDKs will use the built-in AES 128 or AES 256 encryption. All generated image files will be encrypted in memory and stored as encrypted data files on the flash storage of the device.
The Scanbot SDK derives the AES key from the given password, an internal salt value, and the internal number of iterations using the PBKDF2 function.
When applying image operations like cropping, rotation or image filters, the Scanbot SDK will decrypt the image file in memory, apply the changes, encrypt, and store it again.
Displaying encrypted images
If file encryption is enabled you will not be able to display preview images via file URIs (e.g., page.documentPreviewImageFileUri). Instead, you have to load the decrypted data of a preview image and use it for displaying an image.
To do this, use the API function ScanbotSDK.getImageData(imageFileUri):
loading...
Uploading encrypted images
To upload an image, you have the following options:
-
Use the encrypted image file to upload to your server and decrypt it in the backend. Please contact our team to get support on how to generate the corresponding AES key and decrypt images on your backend.
-
Alternatively, you can get the decrypted image data as Base64 on the mobile device by using the ScanbotSDK.getImageData(imageFileUri) function and using this data for the upload process.
Want to scan longer than one minute?
Generate a free trial license to test the Scanbot SDK thoroughly.
Get free trial license