Kordant/tasks/ios-production/07-keychain-data-protection.md
2026-05-26 16:06:34 -04:00

07. Keychain & Data Protection Audit

meta:

  • id: ios-production-07
  • feature: ios-production
  • priority: P1
  • depends_on: []
  • tags: [security, data-protection, production]

objective:

  • Audit and harden all keychain usage and data protection to ensure sensitive data is stored securely

deliverables:

  • Keychain audit report
  • Data protection class review
  • Secure data deletion
  • Encryption audit

steps:

  1. Audit keychain usage:
    • Review iOS/Kordant/Services/KeychainService.swift
    • Verify all sensitive data stored in keychain (not UserDefaults)
    • Check keychain accessibility levels:
      • JWT tokens: kSecAttrAccessibleWhenUnlockedThisDeviceOnly
      • Refresh tokens: kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly
      • Biometric flag: kSecAttrAccessibleWhenUnlockedThisDeviceOnly
    • Verify existing keychain items are migrated to the correct accessibility class
  2. Audit data storage:
    • Review CacheManager.swift — should not store sensitive data
    • Review UserDefaults usage — only non-sensitive preferences
    • Verify no sensitive data in app sandbox documents
    • Check Core Data or SQLite encryption if used
  3. Implement secure deletion:
    • Overwrite sensitive data before deletion
    • Clear clipboard after password copy (if applicable)
    • Auto-lock app after backgrounding (optional)
  4. Review data protection classes:
    • File protection: NSFileProtectionComplete for sensitive files
    • Keychain: appropriate accessibility per item type
    • Backup: exclude sensitive items from iCloud backup
  5. Add encryption for local data:
    • Encrypt cached API responses containing PII
    • Use AES-256 with a key derived from a Secure Enclave key (the enclave itself holds only elliptic-curve keys)
    • Implement secure key rotation
  6. Test data protection:
    • Device locked → keychain items inaccessible
    • Device backup → sensitive items excluded
    • App deletion → all sensitive data removed
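
An added example (not Kordant's KeychainService.swift) that applies the accessibility classes from step 1 and makes the locked-device case from step 6 observable; SecretKind, baseQuery, store, read and the account/service names are assumptions.

```swift
import Foundation
import Security

// Hypothetical item kinds mirroring the accessibility table in step 1.
enum SecretKind {
    case jwt, refreshToken, biometricFlag
    // All ThisDeviceOnly (never backed up); refresh tokens readable after first unlock.
    var accessibility: CFString {
        switch self {
        case .jwt, .biometricFlag: return kSecAttrAccessibleWhenUnlockedThisDeviceOnly
        case .refreshToken:        return kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly
        }
    }
}

// deviceLocked: the item exists but cannot be read in the current lock state.
enum KeychainError: Error { case deviceLocked, unexpectedStatus(OSStatus) }

private func baseQuery(_ account: String, _ service: String) -> [String: Any] {
    [kSecClass as String: kSecClassGenericPassword,
     kSecAttrService as String: service, kSecAttrAccount as String: account]
}

// Explicit accessibility: the default, kSecAttrAccessibleWhenUnlocked, is included in backups.
func store(_ value: Data, kind: SecretKind, account: String, service: String) throws {
    let query = baseQuery(account, service)
    let deleted = SecItemDelete(query as CFDictionary)   // replace, never duplicate
    guard deleted == errSecSuccess || deleted == errSecItemNotFound else {
        throw KeychainError.unexpectedStatus(deleted)
    }
    var attrs = query
    attrs[kSecValueData as String] = value
    attrs[kSecAttrAccessible as String] = kind.accessibility
    let added = SecItemAdd(attrs as CFDictionary, nil)
    guard added == errSecSuccess else { throw KeychainError.unexpectedStatus(added) }
}

// Read a secret; a locked device is reported distinctly from "not found" (step 6 test).
func read(account: String, service: String) throws -> Data? {
    var query = baseQuery(account, service)
    query[kSecReturnData as String] = true
    var result: CFTypeRef?
    switch SecItemCopyMatching(query as CFDictionary, &result) {
    case errSecSuccess:               return result as? Data
    case errSecItemNotFound:          return nil
    case errSecInteractionNotAllowed: throw KeychainError.deviceLocked
    case let status:                  throw KeychainError.unexpectedStatus(status)
    }
}
```

Calling `read` while the device is locked should throw `deviceLocked` for JWT and biometric-flag items and succeed for refresh tokens once the device has been unlocked at least once since boot.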

tests:

  • Unit: Test keychain store/retrieve/delete
  • Security: Verify data inaccessible when device locked
  • Integration: Test backup exclusion

acceptance_criteria:

  • All sensitive data (tokens, passwords) stored in keychain
  • Keychain accessibility set to ThisDeviceOnly where possible
  • No sensitive data in UserDefaults or app documents
  • Cached data encrypted at rest
  • Sensitive items excluded from iCloud backup
  • Secure deletion overwrites data before removal
  • Data inaccessible when device locked (if applicable)
  • All keychain operations have error handling

validation:

  • Inspect keychain → JWT stored with correct accessibility
  • Check UserDefaults → no sensitive data found
  • Lock device → keychain items inaccessible
  • Backup device → sensitive items not in backup
  • Delete app → reinstall → no previous data accessible

notes:

  • Keychain persists across app reinstalls — consider this in design
  • kSecAttrAccessibleWhenUnlockedThisDeviceOnly is the most secure of the accessibility classes listed above
  • Use Data Protection API for file-level encryption
  • Consider using CryptoKit for data encryption