SQLite Context.MODE_PRIVATE
As commonsware mentioned, SQLite databases on internal storage are private by default. But as mentioned by others rooted phone as always access to your file.
Rather you can use any encryption algorithm to save the data in DB which will help you to restrict the readability unless intruder know the encryption algorithm.
You cant set "Context.MODE_PRIVATE" flag in SQLite.
Option 1: Use SQLcipher.
Option 2: Secure Method Ever No Chance To Hack. It is not perfect, but it is better than nothing.
1) Insert data using this Function:
public static String getEncryptedString(String message) { String cipherText = null; try { Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(("YOUR-SECURE-PASSWORD-KEY").getBytes(), "AES")); byte[] bytes = cipher.doFinal(message.getBytes()); cipherText = Base64.encodeToString(bytes, Base64.DEFAULT); } catch(Exception ex) { cipherText = "Error in encryption"; Log.e(TAG , ex.getMessage()); ex.printStackTrace(); } return cipherText;}2) Get data from the database and pass into this function parameter:
//This function returns output string public static String getDecryptedString(String encoded) { String decryptString = null; try { byte[] bytes = Base64.decode(encoded, Base64.DEFAULT); Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(("YOUR-SECURE-PASSWORD-KEY").getBytes() , "AES")); decryptString = new String(cipher.doFinal(bytes), "UTF-8"); } catch(Exception ex) { decryptString = "Error in decryption"; ex.printStackTrace(); } return decryptString;}3) Benefits of these methods: - Not possible to decrypt without the right Key. - AES Encryption is a very secure encryption method.
4) Store your AES key in the c++ file.