I am working on a system app where I am storing some sensitive data in EncryptedSharedPreference. I realise that my app is not working as expected if I do clear data of android Settings app. That is happening because if I try to get the instance of EncryptedSharedPreferences, it is throwing IOException. When I observe the encrypted_myapp_pref.xml file, I could see that all encrypted values are present in that file and that file is not changed at all.

I read that Jetpack Security has two types of keys - master key, and subkeys:

MasterKey - Encrypts and decrypts all subkeys and master key is stored in Android keystore. Subkeys - Encryption and decryption of all user data and all data + subkeys are stored in EncryptedSharedPreferences itself in encrypted format.

My theory is: When we do "clear data" of settings app, it also clears the Android Keystore instance. The same instance of android keystore is consumed by all system apps who as using sharedUserId="android.uid.system" + EncryptedSharedPreferences. But I did not find any supporting document for my theory.

Problem statement: If we are using system app with shared user id and if we clear the data of settings app, on killing our app and relaunching or on device reboot, our app(any system app) is not able to retrieve EncryptedSharedPreferences instance and failing with IOException.