Skip to content

Android Backup

Android applications once enabled backs up application user’s data. The data is protected by the user’s Google account. An application developer can customize the application to enable backup or opt out by disabling the backups.

Once enabled, the backup files include most of the directories that are assigned to the application by the system. Following are some of the list of files

  • Shared preferences files
  • Files saved to the application internal storage which is accessed by getFilesDir or getDir methods.
  • Files in the directory returned by the getDatabasePath method.
  • Files on external storage directory returned by getExternalFilesDir.

How to enable and disable backup

In your application manifest file, set the Boolean value android:allowBackup to enable or disable backup. Since foundation module has android:allowBackup="false" set as default with its manifest file, you must use the Android merge rule marker to override it. For more information about it refer Encryption Util Backup Consideration.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
<manifest ... >
    ...
    <application xmlns:android="http://schemas.android.com/apk/res/android"
    xmlns:tools="http://schemas.android.com/tools"
    ...
    android:allowBackup="true" 
    tools:replace="android:allowBackup">
        ...
    </application>
</manifest>

It is also possible to specify finer control by enabling or disabling specific files or directories for backup.

Specifying backup control

An application can control list of directories in the included or excluded list using an XML specification. This specification can be done in an XML file and be specified

  1. In AndroidManifest.xml, add the android:fullBackupContent attribute to the <application> element. This attribute points to an XML file that contains backup rules. For example:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
<manifest ... >
    ...
    <application xmlns:android="http://schemas.android.com/apk/res/android"
    xmlns:tools="http://schemas.android.com/tools"
    ...
    android:allowBackup="true" 
    tools:replace="android:allowBackup"
    android:fullBackupContent="@xml/backup_rules">
    ...
    </application>
</manifest>
2. Create an XML file called backup_rules.xml in the res/xml/ directory. Inside this backup rule file, add rules with the \<include> and \<exclude> elements

Note: Inside the backup rule file, add <exclude> elements to exclude shared preference files associated with No Passcode and/or Passcode with Biometric encryption keys, and the secure store database files associated with those encryption keys as shown below.

1
2
3
* `&lt;exclude domain="sharedpref" path=`"&amp;lt;encryption key alias&amp;gt;**_sharedPreference##.xml**"`&gt;`
* `&lt;exclude domain="database" path=`"&amp;lt;the name of the secure store that uses the above encryption key&amp;gt;"`&gt;`
For more details refer to [Encryption Util Adding Backup rules](../foundation/common/EncryptionUtil.md#backup-considerations).

xml<?xml version="1.0" encoding="utf-8"?><full-backup-content><include domain=["file" | "database" | "sharedpref" | "external" | "root"] path="relativepath"/><exclude domain=["file" | "database" | "sharedpref" | "external" | "root"] path="relativepath"/><!--The following lines should be used to exclude the backup of specic files1. Exclude shared preferences in the pattern of "encryptionKeyAlias"appended with "_sharedPreference##.xml" for all encryption keysin No Passcode State or Passcode with Biometric State.2. Exclude secure stores using those encryption keys-- in this example,Secure store "APP_SECURE_STORE" is using encryption key with alias "app_pc_alias".Secure store "RLM_SECURE_STORE" is using encryption key with alias "rlm_pc_alias".--><exclude domain="sharedpref" path="app_pc_alias_sharedPreference##.xml" /><exclude domain="sharedpref" path="rlm_pc_alias_sharedPreference##.xml" /><exclude domain="database" path="APP_SECURE_STORE" /><exclude domain="database" path="RLM_SECURE_STORE" /></full-backup-content>

domain - specifies the location of resource. Valid values for this attribute include the following:

  • root - the directory on the filesystem where all private files belonging to this app are stored.
  • file - directories returned by getFilesDir().
  • database - directories returned by getDatabasePath(). Databases created with SQLiteOpenHelper are stored here.
  • sharedpref - the directory where SharedPreferences are stored.
  • external - the directory returned by getExternalFilesDir()

path - Specifies a file or folder to include in or exclude from the backup. Note that:

  • This attribute does not support wildcard or regex syntax.
  • You can use . to reference the current directory, however, you cannot reference the parent directory .. for security reasons.
  • If you specify a directory, then the rule applies to all files in the directory and recursive sub-directories.

## Creating data in the non-backupable file

Auto Backup excludes files in directories returned by getCacheDir(), getCodeCacheDir(), or getNoBackupFilesDir(). The files saved in these locations are only needed temporarily, or are intentionally excluded from backup operations.

A code snippet below shows how non-backupable data can be created programmatically by calling getNoBackupFilesDir() method. You can use the other two methods also in a similar manner.

````java tab="JAVA" File f = new File(getNoBackupFilesDir(),"nonbackup.txt"); try (FileOutputStream out = new FileOutputStream(f); ){ out.write("test non backp file".getBytes()); out.close(); } catch (FileNotFoundException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); }

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
````kotlin tab="KOTLIN"
val f = File(noBackupFilesDir, "nonbackup.txt")
try {
    FileOutputStream(f).use { out ->
        out.write("test non backp file".toByteArray())
        out.close()
    }
} catch (e: FileNotFoundException) {
    e.printStackTrace()
} catch (e: IOException) {
    e.printStackTrace()
}