What's new
DroidForums.net | Android Forum & News

This is a sample guest message. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

Wallet app?

Bouncy Castle is a fairly well known and respected open source implementation of a bunch of different crypto systems.

I'm a little leery of any of these that require you to sync with their servers, I prefer to keep control over the data. One reason I use KeePassDroid is that it uses a known set of algorithms and file format. I use KeePass 2 on the pc and keep my database on Dropbox, I just export a new copy to the KeePass 1.x format when I make changes and downloaded it to the phone from drop box (DroidBox is a fairly good dropbox client that's rapidly improving).

mantis5 said:
What about security in these apps? How do you decide who is trustworthy, among the vendors/suppliers of wallet apps?

For example, Secforms is the product of a company called Elaxys. Who are they? How do we know they don't have a back door to our data? Secforms has full net access. Their web site is a bare-bones affair. Who are these guys?

B-Folders, for another example, says:

We take the security of your data seriously:

  • 256-bit AES encryption - a standard for strong government-grade encryption
  • we use a custom database engine to encrypt every bit of your data (the database engine that ships with Android does not allow to encrypt all the data - i.e. indexes, meta-data etc.)
  • we use the open-source encryption library Bouncy Castle instead of Android encryption library to provide protection against possible backdoor installed by the operator or device manufacturer
Click to expand...
That all sounds good. But, who is Bouncy Castle and why should we trust them? :p

I'd love to hear from some people who really know about data encryption and security, we must have some here. :)
Click to expand...
 
Thanks, jimnutt. :)

To be clear, Secforms doesn't require or mention syncing with their servers; The network access is for wifi sync with your own PC, and even then wifi connect requires being toggled on/off from the phone app. Some people are afraid that network permissions can be used for other purposes, though, and I can see how it might.
 
Password Safe (Full, $2.49) from Rhythm Software

Password Safe

This is a review of Password Safe 1.5.0, from Rhythm Software, which currently costs $2.49 in the Android Marketplace. Not free, but reasonably cheap, nobody is going broke buying this one. I should probably note that there is also a similarly named Android Password Safe which appears to be a SourceForge variant, different app. I will continue to use eWallet as the kind of base standard, even though it's not yet available on Android, but it represents a mature, full function application, and until something better comes along, gives the competition something to shoot for (and the competition, including Password Safe, is getting closer). Testing was on a Moto Droid Android 2.0.

Screen shots from Androlib:

xnxA.u.cs.png
xnxt.u.cs.png


and Androlib link, for more reviews:

Password Safe v1.4.1 Application for Android | Tools

I never could find the developer (Rhythm Software) web site, but the email contact is:

hexise@gmail.com

Password Safe lets you create basically one level of folders, there's nothing much predefined, but the process is pretty easy, you just create a folder, and it puts it on the entry screen, sorted, so pretty easy to deal with. I could not seem to get it to create two levels of folder, so you cannot really do anything where you have a hierarchy, personal/business sort of thing (as in Windoze or eWallet), but not a major thing, really, you could use extended names (example: Personal Credit Cards | Business Credit Cards) and because of the sorting, it would amount to something similar.

Items are added at the base screen (you pick the folder or category as part of the item creation process), and you can choose a template to start. The pre-built-in templates included:

  • Bank Account
  • Car Info
  • Credit Card
  • Email Account
  • Emergency Number
  • Passport Info
  • Password
  • Software Info
  • Web Site

So not a bad start, but it's missing a lot of what eWallet and some of the others have defined already (examples: Socrial Security Number, Driver License Info, etc., etc.). Once you select one of the templates, it shows a prompt screen, with edit fields and so forth. You punch in the data, hit the save, and you're done.

I guess I should note one really kind of annoying thing, at least for someone writing a review :), as of 1.5.0, Rhythm Software added automatic locking after 60 seconds. While that's probably not a bad feature, if you're really concerned about security, if you set the phone down for a bit, or go off and type something in, it's going to have locked on you. So I don't mind the feature, but it would be nice to either:

  1. Be able to turn it off as a user controlled option, or...
  2. At Least be able to set the interval higher than a minute

There is a reasonable starter list of templates, entry field patterns, although not as extensive as some of the competition, but probably more importantly, you can create your own template. Basically the template consists of fields, there are two types:

  • Date
  • Text (string)

And so with a text field, you can pretty much do what you want, in terms of entry. The text field allows multiple lines (return), so you can go extended there, using it for notes. Probably could have used a number field (some of the competition does that, avoids you having to go to Alt- to enter in numbers on the Droid keyboard, but kind of a minor thing. Fields get added to the end of the template, but there appears to be no way to move them up or down in order, so that's a deficiency as versus some of the competition.

You are asked early on while inputting a Password Record (entry), which Category you want to put it in, right after the Title, and when you go back in to edit it, you can change the Category, so you can effectively move things between folders.

One thing I particularly liked about Password Safe is that when it displays an item, it does so in a smaller font, so you get more on the screen. Frequently, Android Apps in this category use the same entry and display screens, which is probably simpler to code, but you need bigger fields for entry than you do for display, so here Password Safe is ahead.

If I had to characterize Password Safe, it gets the task done. I liked the way things were organized, things are well thought out and everything "works". I saw no force closes, and I did my standard rotate the screen and various other things that caused other Apps to have problems. And with the templates, and the ability to add or modify them, it's more extensible then some of the competition. In terms of the competition, Seforms-lite is free and has much of the same level of functionality (including template structure), and B-Folders has slight ease-of-use advantages, here and there, but Password Safe is not all that expensive, and had some niceties here and there. It probably is better than WalletPro, but it's not a straightforward comparison, I liked the folders and the way that all worked, some might prefer WalletPro's tagging. But anyway, Password Safe is well worth considering. It's somewhat basic, but extensible, and it organizes and displays items very nicely.


Pros:

  • GUI is pretty easy to use, good appearance, etc.
  • One Level of Folders for Organization
  • Basic templates are there already
  • Fairly extensive set of icons (60ish) to graphically tag folders
  • Templates are modifiable and extensible
  • Display view of a password item was very nice
  • Has a back button arrow in many of the navigation places, which is nice, you're not worried about the main back button sending you out of the App

Cons:

  • Only one level of folders in hierarchy
  • Templates not as extensive as some of the competition
  • Autolock nice, but needs to be user configurable (turn-off, duration, etc.)
  • This must be an Android thing, as I've seen it a lot, but wants to set Credit card dates to yyyy-dd-mm, whereas my credit cards mostly are yyyy-mm (no day)
  • Some of the password managers have a "Show" function for password entry, which would be nice here
  • I could not find a way to move around fields in a template (up/down) so that the more frequently used ones are on top
  • Credit Card template is missing an entry for contact phone number (pretty standard, if lost contact ....), but this is pretty easily added manually
  • Not as extensive set of templates to begin with as some of the competition
 
I forgot to mention a couple of things. As near as I can figure, there's no PC variant of Password Safe, an advantage some implementations have over it. But there is a save to SD function that makes backing up possible. And there's a Password Safe Lite version for free. I did not bother with the Lite version, it does look fairly full functioned, but at $2.50, it just seemed simpler to try the real deal.
 
I think I'm going to stick with SecForms (and not because it free :) )
I really like the interface. I think it's somewhat close to SPB Wallet (which is what I've been using on WinMo)

@pwjone1,

Thank you VERY much for your amazing reviews. I'm sure they'll help a lot of people make a well-educated choice on which solution to go with!

dimaj
 
Iliumsoft eWallet Viewer 7.1.0.41

eWallet Viewer

This is a mini-review of Ilium Software eWallet 7.1 (and Android Viewer 7.1.0.41). eWallet has been around for years, initially as a Wallet type application for the Windows Mobile platform, adding iPhone, and just recently, added Android support. I should note up front, however, that the Android support is only for viewing wallet type information, it cannot change it. Changes have to be made on the PC version, and then they can be downloaded to the Android phone, and viewed from there. I am sure that's only temporary, the other phone platforms allow edit/save/sync. But I suppose in response to Android's wild success, Ilium is scrambling, it is what it is, for this point in time. The Android viewer is free, however the eWallet PC goes for $20 ($10 upgrade).

Web page:

eWallet Viewer for Android - Password Manager and Digital Wallet

Screen shots from Iliumsoft:

andr_visasm.jpg
andr_amazonsm.jpg


The PC editor is pretty flexible, there's a large number of built in cards:
  • Bank Account
  • Calling Card
  • Car Info
  • Cellular Phone
  • Clothes Sizes
  • Combination Lock
  • Contact
  • Contact Lens Prescription
  • Credit Card
  • Email Account
  • Emergency Numbers
  • General Purpose
  • Health Numbers
  • ID Card
  • Insurance Policy
  • Internet Settings
  • Lens Prescription
  • Library Card
  • Passport Info
  • Password
  • Picture Card
  • Prescription
  • Serial Number
  • Social Security Number
  • Software Serial Number
  • Voice Mail Info
  • Voter Card
  • Web Site

As far as I can tell, this is the richest set available. Each has its own icon, but you can also select from other icons, and even download icons, backgrounds, etc., to extend how the card looks. The cards can be organized in folders. Folders can be put into Folders, which a lot of the other wallet programs cannot do, so you can have a hierarchy. Because input is on the PC, it's pretty easy to type in.

What I can say about the Android eWallet Viewer is that it's a promising start. It's not really competitive with the Android Apps that allow you to enter and edit content. I think this will be a show-stopper, for a lot of users. It is generally easier to enter information on a PC, bigger screen, regular keyboard, but you cannot always control when you need to enter something. If you're putting in your Credit Cards, a PC is fine, you have a stack of them, you just punch away. That's what I did originally with my wallet. But as you go along, you need to be able to update on the portable device. Maybe you're changing the password on an account, but are not at the PC. Certainly on a Droid, that's going to happen, sooner or later. And so far at least, eWallet does not do that. So I see this as really only viable if you're usage is relatively stable, and the customer set is really only the existing eWallet user base. Ilium soft gets credit for supporting multiple phone platforms, but it still has work to do on the Android one.

Another problem I found, ironically with the PC client, is that with 7.1 on Vista 64 system, I had a fair number of abends and exceptions thrown. It did not update the Windows Mobile correctly (that I could live with, I just needed to get the Wallet file off), and when I played around a bit, I found that syncrhonization to the Android client would then throw exceptions, abend the program. 7.1 is just out, so probably just some initial release type jitters. The Android client was stable enough, no complaints there, it worked well.




Pros:
  • Very Rich set of Card types and Icons
  • PC Client that synchronizes
  • Multiple Level Folder support
  • Templates are modfiable and extensible (on the PC)
  • Detail fields can be changed (named, etc.)


Cons:
  • Major Limitation: Cannot edit on the Android, only on PC
  • Cannot change card types/information on the PC client
 
pwjone1 said:
B-Folders

OK, I finished playing with B-Folders, as suggested that seems to be the best eWallet type application available so far on the Droid.

The types of items it supports are:

  • Folder (for organization)
  • Note (free form text)
  • Contact (similar to phone contact, built in on Droid, but obvously password protected
  • Credit Card
  • Login Password (Userid)
  • Bookmark (URL)

Pretty much everything works, no Droid anomalies, things are readable, entry is pretty logical and well laid out. For a Free Ap, it's pretty well done.

Pros

  • Free
  • Has all the basics covered (Credit Card, URL, userid, Free Format)
  • Works pretty well

Cons

  • Not as rich as eWallet in prebuilt cards, and as far as I can tell, no way of extending, so you end up using Notes (free format) a fair amount
  • Password timeout max is at 20 minutes (I set the Droid to have a gesture protect, so I don't really need a timeout, or at least would like a higher timeout)
  • Doesn't seem to sort the cards automatically, you have to cut'n'paste manually

One thing I found with the Credit Cards is that it misses a couple of fields, one for a contact phone number if the card is lost (+ international phone #, maybe that's 2 fields), same for URL. And the URL card is also a bit short on fields, for userid/password, various other aspects, but mostly you can put that in the note, or just use the userid card type. But there are a considerable number of card types found in eWallet, but not in B-Folders:

  • General Purpose
  • Health Numbers
  • ID Card
  • Insurance Policy
  • Internet Settings
  • Lens Prescription
  • Library Card
  • Membership Info
  • Note Card
  • Password Info (similar enough to userid)
  • Picture Card
  • Prescription
  • Serial Number
  • Social Security Number
  • Software Serial Number
  • Voice Mail Info
  • Voter Card

But again, free, and the Notes free-format can be used to cover the missing card types, so not insurmountable as a problem.
Click to expand...

Just a quick update, B-Folders has come out with a version of the program that runs on the PC. B-Folders 2 is covered at:

B-Folders

B-Folders remains one of the better Android clients, of course, very easy to use, maybe a tad light on templates (particularly where you cannot create them). The B-Folders PC client price is $30, which is maybe a tad on the expensive side (eWallet is $20, Secforms is $20, but SplashID is $20 WinPC client +$10 for Android), but there is a 30-day, try free aspect to it.

In general, the pros and cons of Android synchronization only become a factor if you desire that functionality. I generally prefer web synchronization, because you can then typically "see" the information for anywhere, and you're not paying a lot for PC clients, a factor for someone with multiple PCs, home & work, etc. But, a lot of people prefer PC synchronization to the web. They don't trust the web vendors, to stay in business, not lose their data, not have ID theft, etc. If it's just on your PC, just synchronized via the USB cable, then it's a bit more secure. And you pay-it-once, short of upgrades, there's generally not the ongoing costs like the web (lastpass, etc.) ones (at least with the premium features).
 
After some experimentation, I was getting a series of abends in the eWallet PC client, during Sync operations. I tried a series of uninstalls, re-installs, but it still gets an error, abends out of eWallet, and that's that. I reported it to Ilium, 7.1 level of eWallet, some time back, but haven't heard anything. I noticed they had pushed a new Adoid client install, and that's on, basically makes no difference. 7.1 does sync OK with my Win Mobile Pro 6.0 phone, so it's something specific to their support for Android. Shame really, so close, but so far. Anyway, in it's current state, I could not recommend it at all, it's at best alpha level code.
 
pwjone1 said:
After some experimentation, I was getting a series of abends in the eWallet PC client, during Sync operations. I tried a series of uninstalls, re-installs, but it still gets an error, abends out of eWallet, and that's that. I reported it to Ilium, 7.1 level of eWallet, some time back, but haven't heard anything. I noticed they had pushed a new Adoid client install, and that's on, basically makes no difference. 7.1 does sync OK with my Win Mobile Pro 6.0 phone, so it's something specific to their support for Android. Shame really, so close, but so far. Anyway, in it's current state, I could not recommend it at all, it's at best alpha level code.
Click to expand...

I've been using 7.1 on my home and office systems running Windows 7 64-bit. I haven't experienced any problems syncing except for the very first try when I got the Droid. I don't particularly mine waiting until I get on the PC to enter or edit a card. I would like to see more features on the Droid viewer, but it does serve its purpose for information lookup. I will stay with eWallet for now.
 
jhom said:
pwjone1 said:
After some experimentation, I was getting a series of abends in the eWallet PC client, during Sync operations. I tried a series of uninstalls, re-installs, but it still gets an error, abends out of eWallet, and that's that. I reported it to Ilium, 7.1 level of eWallet, some time back, but haven't heard anything. I noticed they had pushed a new Adoid client install, and that's on, basically makes no difference. 7.1 does sync OK with my Win Mobile Pro 6.0 phone, so it's something specific to their support for Android. Shame really, so close, but so far. Anyway, in it's current state, I could not recommend it at all, it's at best alpha level code.
Click to expand...

I've been using 7.1 on my home and office systems running Windows 7 64-bit. I haven't experienced any problems syncing except for the very first try when I got the Droid. I don't particularly mine waiting until I get on the PC to enter or edit a card. I would like to see more features on the Droid viewer, but it does serve its purpose for information lookup. I will stay with eWallet for now.
Click to expand...

There was an eWallet Android update that seems to have addressed the synchronization abends I was seeing on Vista32. I have not tried it out again on Vista64, hopefully I can get to to trying it out again at some point. Visually, the viewer is very nice, one of the better ones, but the lack of Droid updating is a pretty bad limitation.
 
You must log in or register to reply here.

Similar threads

K
checkbook/wallet type application sync to/from pc.
Replies
1
Views
5K
Droid-Xer
D
V
Google Wallet -- SCORE
Replies
0
Views
1K
Vulcan1600
V
H
Google wallet latest update?
Replies
11
Views
4K
HarvesterX™
H
K
Verizon just launched "their Version of Google Wallet" aka Lemon Wallet
Replies
1
Views
2K
steeletown
S
H
3/5/12 Google Wallet Update Apk...
Replies
6
Views
14K
FastEddie
F
Back
Top