Secure Storage Plugin for Xamarin and Windows

Many apps need to store sensitive data such as password, credit card numbers, session token etc. This data should not be stored in clear text. Text files and settings store information in plain text. So they are not an option for storing sensitive data.

Each mobile platform has its own mechanism to store sensitive information. This plugin provides a simple API abstracted over iOS, Android and Windows platforms (Phone, Store and UWP). The API is similar to key value storage.

The underlying implementation on each platform takes care of securing the data and storing it. On iOS platform, it is stored using KeyChain. On Android, it uses password protected KeyStore. Windows platform stores it using Data Protection mechanism. However the nitty-gritties of each platform are encapsulated under the hood, keeping the API simple.

The plugin has no dependencies on any package (including Xamarin.Forms, MVVMCross). It can be used by any Xamarin or Windows app. It is open source.

Here are the examples of how to use it:

To store a value:

CrossSecureStorage.Current.SetValue(“SessionToken”, “1234567890”);

To retrieve a value:

var sessionToken = CrossSecureStorage.Current.GetValue (“SessionToken”);

To delete a value:


To check, if a key exists:

var exists = CrossSecureStorage.Current.HasKey (“SessionToken”);


In Android apps, it is required that the password is set by the application prior to use.

SecureStorageImplementation.StoragePassword = "Your Password";

In Windows apps, it is required that the password is set by the application prior to use.

WinSecureStorageBase.StoragePassword = "Your Password";

Two sample apps (one for Xamarin and another for Windows) are provided on the GitHub for your reference.









Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s