Sikring af React Native-apps omfatter beskyttelse af data (sikker lagring, krypteret transmission), sikker håndtering af secrets og tokens, sikring af JavaScript-bundlet og overholdelse af mobile sikkerhedsbedste praksis. Sikkerhed er vigtig, da apps håndterer følsomme brugerdata.
Data- og legitimationssikkerhed
✓ SECURE STORAGE for sensitive data — react-native-keychain / expo-secure-store
(encrypted, keychain/keystore) — NOT AsyncStorage (which is NOT encrypted) for tokens/
credentials (a common mistake)
✓ HTTPS/TLS for all network traffic; certificate pinning for sensitive apps
✓ Don't HARDCODE secrets/API keys in the JS — the JS BUNDLE can be extracted/inspected
(anything in the app can be reverse-engineered) → keep real secrets on the SERVER
✓ Secure auth: OAuth, short-lived tokens, secure refresh; biometric auth where appropriate
