Whatsapp messenger user data security analysis on Android.

This paper presents a security analysis of locally stored end-user data, as well as the specifics of working with them in the Whatsapp application for Android operating systems. The application test version was 2.21.15.18 build number at the time of this writing. According to a specific scenario, test user data was generated in the application, from which sources of information with critical data were selected. During the study, information stores (databases, text files, media attachments, and others) that could potentially contain sensitive information were identified in the internal data of the application. For each discovered storage, an analysis was made of the implemented protection measures against unauthorized access. For the application as a whole and for private data, a qualitative assessment was made of the implementation of protection mechanisms on a qualitative basis (the mechanism is implemented/absent), inherent for any mobile applications, as well as specific specifically for applications of the class of messengers. As a result, deficiencies were discovered related to the inaccessibility of certain protective mechanisms on specific versions of the Android operating system, which could lead to the compromise of user data. [ABSTRACT FROM AUTHOR]