Mobile App Security and Encryption Overview

The Metric Insights mobile apps follow all best practices related to security and encryption. Both apps store as little information on the phone as possible: Metadata about each object is stored to generate the list in the "Analyst Insights" homepage view, and Metric data is stored for rendering Metrics in more recent versions. Images and Dataset Reports (stored as PDF files) are stored locally in sandboxed directories that cannot be accessed by other applications.

Both iOS and Android support biometric authentication via Touch ID / fingerprint scanning.

iOS

  1. Images and cached data are stored locally in the application’s sandboxed (isolated) documents directory that cannot be accessed by other applications or the phone's owner without root access and significant effort.
  2. The app uses HTTPS for all our requests to the Metric Insights server
  3. The app does not save any passwords, only authorization tokens with a limited lifetime.

Android

  1. Images and cached data are stored locally in the application’s sandboxed (isolated) documents directory that cannot be accessed by other applications or the phone's owner without root access and significant effort. More information on secured/sandboxed directory in the Android system folder. The application stores the user's email, name, server-url, token, and all chart data.
  2. The app uses HTTPS for all our requests to the Metric Insights server. Each request is sent with a unique user token.
  3. The app does not save any passwords, only authorization tokens with a limited lifetime