Data encryption demoed on Windows Phone 7

Data Encryption demoed on Windows Phone 7 Unlike Windows Mobile, which has the option for encrypting local storage and storage cards, Windows Phone 7 devices will take a step back by not providing this feature, meaning a hacker with minimal resources can read the data of applications and the OS by just dismounting the storage from the device.

Fortunately for those who are concerned by this, particularly those writing enterprise applications, it should be reassuring to know that Windows Phone 7 does provide the tools to encrypt stored data, using a variety of algorithms including AES, HMACSHA1, HMACSHA256, Rfc2898DeriveBytes, SHA1 and SHA256.

To learn more about implementing these tools in your software, see this test application written by Rob Tiffany here.

Rob notes that in combination with Isolated storage, SSL for data transfer and managed 3rd party applications, this makes Windows Phone 7 as secure as it really needs to be.