Psono app for Android

Psono's app for Android has been released

Psono app in Google Play store

publicly available


We are proud to announce that Psono's app for Android is now publicly available in the Google Play store. The app is written in Flutter and released as open source under the Apache 2.0 license. The source code for the app can be found on GitLab.




The app is far from feature complete, yet it already supports all the functionality necessary to use it without issues. So far, the app supports the following features:


  • Access to all your datastores and shares

  • Creation of entries and folders

  • Updating of entries and folders

  • Deletion of entries and folders

  • Convenient search through your whole datastore

  • Lockscreen with biometric authentication e.g. fingerprint

  • Multiple translations into various languages (English, Italian, Spanish, French, ... and many more)


In addition, it supports all user-specific features:


  • Registration

  • Deletion of an account

  • Password reset

  • Support for 2-factor authentication for Duo / Google Analytics and YubiKeys

  • NFC support for YubiKey

  • SAML Login (requires the EE server)

  • LDAP Login (requires the EE server)



Access your passwords on your mobile

Download the app from Google Play Store


Security

How secure is the App?

Psono uses state-of-the-art capabilities of the Android OS.


Random Number Generator

Psono uses Flutter's secure random number generator to generate all cryptographic parameters.


Cryptography

The standard cryptography necessary for Psono's interaction with a Psono Server is done by flutter_sodium, one of the few libraries currently implementing the necessary NaCl bindings. Another library, pointycastle, is used for SHA-512 hashes and the scrypt password key derivation function. This library is currently unmaintained, but that should not harm security.


Storage

Psono uses the flutter_secure_storage library, which encrypts everything with AES and stores the key, RSA-encrypted, in Android's KeyStore.


Biometric

Biometric authentication is done by the local_auth library, which uses the normal fingerprint API of Android underneath.


Configuration

Psono sets "FLAG_SECURE" so that Android treats the content of Psono as secure, which prevents it from appearing in screenshots or from being viewed on non-secure displays.



Coming Up

What is coming next?

The next step for Psono will be support for Android's autofill in other apps and websites. Apple's iOS will also see an app soon, once we are able to secure the necessary hardware to build and test it. This is because Apple does not allow or support building apps for its platforms on non-Mac hardware.