DRACOON for iOS meets the highest security standards and can therefore—regarding data security—be used without hesitation for the following reasons:
- The DRACOON app must go through a strict review process by Apple for each new version before the app is released by Apple for download in the App Store. The review ensures that the app meets the strict quality guidelines required by Apple at all times and does not contain any malicious code.
- The DRACOON app runs on iPhone/iPad in a protected area, a so-called sandbox. This ensures that the app is strictly isolated from the rest of the system and can only communicate with other apps via official interfaces approved by Apple.
- The sandbox also generally prevents other apps from accessing data stored in the DRACOON app.
- Data stored in the DRACOON app (such as login data or files downloaded offline from DRACOON) are stored encrypted in the app cache so that the data cannot be accessed by others when the device is lost, for example. Access to the decrypted data is generally only possible after the device has been successfully unlocked (with Face ID, for example).
- If required, an additional PIN lock can be enabled in the DRACOON app, which then requires a special PIN lock code that is only valid for the DRACOON app. This prevents access to the data of the DRACOON app even if someone unlocks the device with malicious intent.
- All data between the app and DRACOON is generally transmitted via an encrypted connection (HTTPS).