News · 3 Jul 2010 · MTW Editorial Team
Microsoft’s Rob Tiffany has just posted an article discussing Windows Phone 7′s Data Encryption features. People think that the lack of socket support and other functionalities means that WP7 only supports SSL encryption via IEMobile but this isn’t true. The OS currently includes support for the following cryptographic algorithms (that can be accessed via Silverlight apps):
•AES
•HMACSHA1
•HMACSHA256
•Rfc2898DeriveBytes
•SHA1
•SHA256
Rob included a sample application and tutorial detailing the different steps involved with build secure application featuring data encryption.
Encrypting the sensitive data you use in your Windows Phone 7 apps is completely within your reach. When you combine this with the following security elements:
•Apps are tested, digitally signed and securely delivered via the Windows Phone Marketplace
•No side-loading of potentially insecure apps
•SSL for data in transit
•Managed apps run inside secure sandbox
•Apps have private, inaccessible Isolated Storage
•Exchange Policies including PIN lock enforcement + Remote wipeIt’s clear that Windows Phone 7 has an excellent app security story that’s not only good for consumers, but also means that this mobile app platform is prime-time ready for the Secure Enterprise.
Source: Rob Tiffany
Buyer action
Where to buy or check next
Use this as the final check before ordering a phone, changing network or trusting a headline monthly price.
