Mutual Mobile
Published in

Mutual Mobile

How is Block Store Redefining User App Security?

Smartphones and computing devices have never been this important. An essential aspect of using these devices is to sign in to your apps and websites. Users’ sense of security on the Internet is based on passwords and their usage. However, this dependency on passwords also brings up the issue of user authentication.

User authentication is the process by which an application verifies users’ identity. This involves two steps wherein first, the authentication confirms if an account exists for the user, and secondly, if they have permission to access the application. Hence, user authentication plays a significant role in boosting the security of an application.

When you are using a new Android device, there are numerous apps that you have to sign in to use. In such cases, most users opt to manage their credentials. The combination of these two aspects can be a frustrating experience for users. This is because they have to remember different credentials for each app. This friction can result in numerous users not reengaging with specific apps on their new devices.

Key Challenges Faced by Developers for User Credentials

  • Doubts regarding what to implement.
  • Requiring to implement multiple solutions simultaneously and ensuring they work together seamlessly.
  • Confusion about which solutions to prioritize and integrate.

Key Challenges Faced by Users

  • Most users don’t save their existing credentials.
  • Federated identity and password managers are great tools to use, but unfortunately, most users don’t opt for them. This is because the users do not trust or understand these solutions. Furthermore, these users end up using the same or insecure passwords across multiple applications.

The answer to the challenges above is simple — Block Store. So, let’s take a look at what Block Store exactly is?

What is Block Store?

As mentioned, most users manage login credentials themselves when using a new Android device. Unfortunately, this process can be painstaking and often leads to a subpar user experience. Here is where Block Store enters the frame. It is a library supported by Google Play Services that aims to provide applications with a new method of saving user credentials without the security risk associated with saving user passwords.

Essentially, Block Store is an application programming interface (API) that allows applications to record and store user credentials. Block Store enables these applications to re-authenticate users seamlessly when they sign in through a new device.

What are the Benefits of Using Block Store?

  • Developers have access to end-to-end encrypted credential solutions when possible.
  • Reduces risks associated with saving and managing complex passwords by allowing users to save encrypted tokens.
  • Eliminates friction from sign-in flows by leveraging users’ backup and restore preferences.
  • Users can sign in using various methods — Google account, username and password, or any federated identity provider.

Let’s See Block Store in Action

Configure Your App

  1. In your project-level build.gradle file, include Google’s Maven repository in both your buildscript and allprojects sections:

2. Add the dependencies for the Block Store API to your module’s app-level Gradle file, which is usually app/build.gradle:

Note: For the latest Google Play Services dependencies, please check Google Play Services dependencies

How it Works?

When a user signs into your application, Block Store allows you to generate and save an authentication token for that user. This is done with the help of calling setBytes() using StoreBytesData.Builder.

This allows the application to store user credentials to the source device. Once the token is saved with Block Store, it can be encrypted and stored locally on the device. Users can also store this end-to-end encrypted token on Google Cloud.

The following code snippet shows how to save the authentication token:

Take a look at the following code snippet to understand how to save the authentication token:

When the user returns to your application on a new device, Google Play Services verifies the user and retrieves the Block Store data. No additional permission is required since the user has already agreed to restore app data as part of the restore flow.

The token retrieval from the Block Store can be requested through retrieveBytes(). After the token is retrieved, it can keep the user signed in on the new device. If no token exists for the application, it will return empty bytes in onSuccessListener(). In this case, the application can redirect the user for authentication flow and call setBytes() to save the token post authentication.

Take a look at the following code snippet to understand how to retrieve the authentication token:

If you have any questions about Block Store, you can take a look at this documentation. Hoping you have enough insights to get started.

App Development with Mutual Mobile

It can be challenging to develop applications, especially with the added concern of app security, authentication, user experience, etc. Hence, it is an excellent idea to rope in experts to handle that aspect of your business.

Mutual Mobile has been in the development business for over 12 years and has launched over 700 projects. App development is one of our primary services, and our performance speaks for itself. So, reach out to us for app development, sit back, and allow us to chart a growth towards success.

It can be challenging to develop applications, especially with the added concern of app security, authentication, user experience, etc. Hence, it is an excellent idea to rope in experts to handle that aspect of your business.

Mutual Mobile has been in the development business for over 12 years and has launched over 700 projects. App development is one of our primary services, and our performance speaks for itself. So, reach out to us for app development, sit back, and allow us to chart a growth towards success.

--

--

--

We bring digital experiences to life through an integrated approach to design and technology.

Recommended from Medium

Day #12 with Cloud Workflows: loops and iterations

Mounica’s Journey to a Google Internship

Introducing The Community Compact

From a Docker engine to Docker Swarm to create Tuleap clusters

impossible password

GDG Ogbomoso Maiden Event

Change in WAY2BIT’s largest shareholder upon Kakao Games’ execution of a call option

Abstract Factory design pattern in Python

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Mutual Mobile

Mutual Mobile

We’re an innovation consultancy that brings digital experiences to life through an integrated approach to design and technology.

More from Medium

A Global Brand From Day One: the Core Idea, Benefits, and Features of MyTelescope

How to tell if an app is really good?

BRUTALISM IN WEB DESIGN

Best Automation Tips and Tricks