Hi.
I’m new here and couldn’t find any posts explaining how security is done fr the wallet. When I add a new NEO wallet, the program says that the private keys will be stored on the phone. It sounds as a not very secure way that may allow for stealing the private keys. Any opinion on this? Please give me links if the topic was discusses somewhere.
Thanks
On iOS private keys are stored in a secure area called the keychain
https://developer.apple.com/documentation/security/keychain_services
The keychain itself has system level encryption based on either the passcode that is set on your device (or touch ID and face ID).
The keychain is specifically developed by Apple to protect sensitive information (like your private key).
When the Private Key is saved only the O3 application can request the private key from the keychain. So there is absolutely no chance of any malware, or malicious software being able to get your private key.
This is important because the vast, vast majority of hacked private keys occur due to some form phishing, which is impossible on the O3 app. For these reasons we believe that a private key stored on your mobile phone is arguably more secure than on a desktop computer because you completely eliminate the chance of phishing, software spoofing, and keylogging attacks.
The only way anyone could ever access the private key is if they have your device AND they know your passcode. All transactions from O3 require pin code authentication so even if the phone is unlocked and the app is open, the thief would still have to know the passcode in order to transfer funds or view the private key.
Rest assured that we take security of your private keys very seriously on O3
Thank you for detailed clarification. Until something bad happens I will assume high security of the funds. Does the same apply to Android? I’m using Android based phone! Thanks