> ## Documentation Index
> Fetch the complete documentation index at: https://moengage-sdk-docs.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Add-On Security

# Encrypted Storage

By default, all the data stored by the SDK on the device is inside the application sandbox. This prevents other applications from accessing the data(both read and write). Though due to compliance standards or any other use cases, you might want additionally encrypt the data stored on the SDK.

To enable this encryption you need to

* Add the below-listed dependencies in your ***app/build.gradle*** file.
* Call the [configureStorageSecurity()](https://moengage.github.io/android-api-reference/core/com.moengage.core/\[android-jvm]-mo-engage/-builder/configure-storage-security.html) to enable the encryption on the [MoEngage.Builder](https://moengage.github.io/android-api-reference/core/com.moengage.core/\[android-jvm]-mo-engage/-builder/index.html) object while initializing the SDK

## SDK Installation

### Installing using BOM

Integration using BOM is the recommended way of integration; refer to the [Install Using BOM](/android-sdk/sdk-integration/basic-integration/Install-Using-BOM) document to configure if not done already. Once you have configured the BOM, add the dependency in the ***app/build.gradle*** file as shown below.

<CodeGroup>
  ```Groovy build.gradle theme={"theme":{"light":"github-light","dark":"github-dark"}}
  dependencies {
      ...
      implementation("com.moengage.security")
  }
  ```
</CodeGroup>

Alternatively, you can add the dependency using Artifact ID as described in [Installation using Artifact ID](/android-sdk/sdk-integration/advanced-or-optional/installing-sdk-using-artifact-id#EncryptedStorage). However, installation using BOM is the recommended approach, as installing using Artifact ID may lead to version mismatch if mapped incorrectly.

## Enabling Encryption

You can enable the storage encryption using the [configureStorageSecurity()](https://moengage.github.io/android-api-reference/core/com.moengage.core/\[android-jvm]-mo-engage/-builder/configure-storage-security.html) API in the [*MoEngage.Builder*](https://moengage.github.io/android-api-reference/core/com.moengage.core/\[android-jvm]-mo-engage/-builder/index.html) while initializing the SDK.

<CodeGroup>
  ```kotlin Kotlin theme={"theme":{"light":"github-light","dark":"github-dark"}}
  val moEngage = MoEngage.Builder(this, "YOUR_Workspace_ID")
      .configureStorageSecurity(StorageSecurityConfig(StorageEncryptionConfig(true)))
      .build()
  MoEngage.initialise(moEngage)
  ```

  ```java Java theme={"theme":{"light":"github-light","dark":"github-dark"}}
  MoEngage moEngage = new MoEngage.Builder(this, "YOUR_Workspace_ID")
      .configureStorageSecurity(new StorageSecurityConfig(new StorageEncryptionConfig(true)))
      .build();
  MoEngage.initialise(moEngage);
  ```
</CodeGroup>

Note:

* If storage encryption is enabled in the initialization without adding the above-mentioned dependencies, SDK wouldn't function i.e. no events/user attributes would be tracked, push notifications would not be shown, etc.
* Once storage encryption is enabled and a build is released to production(Play Store or other equivalent stores), you should not disable encryption. Disabling the encryption after the build is released will result in a new user being created in the MoEngage system when the user updates the application.

# Encrypted Network Communication

By default, we use HTTPS protocol for all requests made from the SDK; HTTPS encrypts the requests by default. MoEngage SDK optionally adds another layer of encryption apart from the encryption done by HTTPS.\
To enable this additional encryption, you need to

* Add the below-listed dependencies in your***app/build.gradle*** file.
* Call the [configureNetworkRequest()](https://moengage.github.io/android-api-reference/core/com.moengage.core/\[android-jvm]-mo-engage/-builder/configure-network-request.html) on the [MoEngage.Builder](https://moengage.github.io/android-api-reference/core/com.moengage.core/\[android-jvm]-mo-engage/-builder/index.html) object while initializing the SDK

## SDK Installation

***If you have enabled Storage encryption, you can skip the installation step and jump to the Enabling Encryption step.***

### Installing using BOM

Integration using BOM is the recommended way of integration, refer to the [Install Using BOM](/android-sdk/sdk-integration/basic-integration/Install-Using-BOM) document to configure BOM if not done already. Once you have configured the BOM add the dependency in the ***app/build.gradle*** file as shown below

<CodeGroup>
  ```Groovy build.gradle theme={"theme":{"light":"github-light","dark":"github-dark"}}
  dependencies {
      ...
      implementation("com.moengage.security")
  }
  ```
</CodeGroup>

Alternatively, you can add the dependency using Artifact ID as described in [Installation using Artifact ID](/android-sdk/sdk-integration/advanced-or-optional/installing-sdk-using-artifact-id#Push-Templates). However, installation using BOM is the recommended approach, as installing using Artifact ID may lead to version mismatch if mapped incorrectly.

## Enabling Encryption

You can enable the network encryption using the [configureNetworkRequest()](https://moengage.github.io/android-api-reference/core/com.moengage.core/\[android-jvm]-mo-engage/-builder/configure-network-request.html) API in the [*MoEngage.Builder*](https://moengage.github.io/android-api-reference/core/com.moengage.core/\[android-jvm]-mo-engage/-builder/index.html) while initializing the SDK.

### Fetch the keys

The key is available on the dashboard. Go to **Settings -> APIs -> API Keys and** copy the **SDK encryption key** for the Test and Live environments (Note: Test and Live environments have separate keys and only the key of the current selected environment will be accessible).

<img src="https://mintcdn.com/moengage-sdk-docs/wDcLdn9RJwJw2yzm/images/fetchthekeys.png?fit=max&auto=format&n=wDcLdn9RJwJw2yzm&q=85&s=2b345bc892d276fcc04692d4a06f8666" alt="Fetchthekeys" width="2998" height="1726" data-path="images/fetchthekeys.png" />

### Configure Network Request

<CodeGroup>
  ```kotlin Kotlin theme={"theme":{"light":"github-light","dark":"github-dark"}}
  val moEngage = MoEngage.Builder(this, "YOUR_Workspace_ID")
      .configureNetworkRequest(NetworkRequestConfig(NetworkDataSecurityConfig(true, "YOUR_TEST_ENVIRONMENT_ENCRYPTION_KEY", "YOUR_LIVE_ENVIRONMENT_ENCRYPTION_KEY")))
      .build()
  MoEngage.initialise(moEngage)
  ```

  ```java Java theme={"theme":{"light":"github-light","dark":"github-dark"}}
  MoEngage moEngage = new MoEngage.Builder(this, "YOUR_Workspace_ID")
      .configureNetworkRequest(new NetworkRequestConfig(new NetworkDataSecurityConfig(true, "YOUR_TEST_ENVIRONMENT_ENCRYPTION_KEY", "YOUR_LIVE_ENVIRONMENT_ENCRYPTION_KEY")))
      .build();
  MoEngage.initialise(moEngage);
  ```
</CodeGroup>

***Note:*** When using encrypted network communication, we strongly recommend you enable Storage encryption as well.

# Network Request Authorization

To enable the network request authorization you need to

* Add the below-listed dependencies in your***app/build.gradle*** file.
* Call the [configureNetworkRequest()](https://moengage.github.io/android-api-reference/core/com.moengage.core/\[android-jvm]-mo-engage/-builder/configure-network-request.html) to enable the authorization on the [MoEngage.Builder](https://moengage.github.io/android-api-reference/core/com.moengage.core/\[android-jvm]-mo-engage/-builder/index.html) object while initializing the SDK

## SDK Installation

***If you have enabled Storage encryption or Encrypted Network Communication, you can skip the installation step and jump to the Enabling Authorization step.***

### Installing using BOM

Integration using BOM is the recommended way of integration, refer to the [Install Using BOM](/android-sdk/sdk-integration/basic-integration/Install-Using-BOM) document to configure BOM if not done already. Once you have configured the BOM add the dependency in the ***app/build.gradle*** file as shown below

<CodeGroup>
  ```Groovy build.gradle theme={"theme":{"light":"github-light","dark":"github-dark"}}
  dependencies {
      ...
      implementation("com.moengage.security")
  }
  ```
</CodeGroup>

Alternatively, you can add the dependency using Artifact ID as described in [Installation using Artifact ID](/android-sdk/sdk-integration/advanced-or-optional/installing-sdk-using-artifact-id#Device-Triggered). However, installation using BOM is the recommended approach, as installing using Artifact ID may lead to version mismatch if mapped incorrectly.

## Enabling Authorization

You can enable the network authorization using the [configureNetworkRequest()](https://moengage.github.io/android-api-reference/core/com.moengage.core/\[android-jvm]-mo-engage/-builder/configure-network-request.html) API in the [*MoEngage.Builder*](https://moengage.github.io/android-api-reference/core/com.moengage.core/\[android-jvm]-mo-engage/-builder/index.html) while initializing the SDK.

<CodeGroup>
  ```kotlin Kotlin theme={"theme":{"light":"github-light","dark":"github-dark"}}
  val moEngage = MoEngage.Builder(this, "YOUR_Workspace_ID", <DATA_CENTER>)
      .configureNetworkRequest(NetworkRequestConfig(NetworkAuthorizationConfig(true)))
      .build()
  MoEngage.initialise(moEngage)
  ```

  ```java Java theme={"theme":{"light":"github-light","dark":"github-dark"}}
  MoEngage moEngage = new MoEngage.Builder(this, "YOUR_Workspace_ID", <DATA_CENTER>)
      .configureNetworkRequest(new NetworkRequestConfig(new NetworkAuthorizationConfig(true)))
      .build();
  MoEngage.initialise(moEngage);
  ```
</CodeGroup>

<Info>
  Adding the above dependency and enabling the flag isn't enough for this feature to work; there is some additional configuration required on our side to enable this feature completely. In case you want to use this feature, reach out to your account manager or the MoEngage Support team.
</Info>
