® Traveler relies on the Domino
® infrastructure (HTTP and Admin Client) to authenticate the user. The authentication credentials can be one of the user's allowed Domino
name formats, along with the user's HTTP password, or it can be something defined with the Directory Assistance database. All devices use HTTP Basic Authentication, so HTTPS is recommended for security reasons unless using a VPN or a secured network.
Account information and passwords
All credentials are encrypted using AES 256-bit encryption and stored in application preferences storage. If Disable local password storage
is checked, the password is not stored and the user is prompted for the password when needed.
ID password used for reading Domino
encrypted mail is cached for the duration specified by the device lockout timeout and stored in volatile memory only accessible by the IBM Notes
The mail body and all attachments are encrypted using AES 256-bit encryption. This is true if stored on either internal or external storage.
The rest of the data is stored unencrypted in internal storage. This is only available to the IBM Notes
Traveler application based on the Android application security model.
Contacts data is stored using the Android OS Contacts Contract and is accessible to the contacts application through those APIs.
Parent topic: Device security