MASTG-TEST-0305: Sensitive Data Stored Unencrypted via DataStore

Placeholder MASTG-TEST

This test hasn't been created yet and it's a placeholder. But you can check its status or start working on it yourself. If the issue has not yet been assigned, you can request to be assigned to it and submit a PR with the new content for that test by following our guidelines.

Check our GitHub Issues for MASTG-TEST-0305

If an issue doesn't exist yet, please create one and assign it to yourself or request to be assigned to it.

Draft Description

This test checks if the app uses the modern Jetpack DataStore API (Preferences DataStore or Proto DataStore) to store sensitive data (e.g., tokens, PII) without encryption. It confirms the absence of secure serializers or mechanisms to protect data integrity and confidentiality.

For more details, check the associated weakness: Sensitive Data Stored Unencrypted in Private Storage Locations

Demos

MASTG-DEMO-0069: Sensitive Data Stored Unencrypted via DataStore