It's clear that sensitive information shouldn't be stored in clear text and great care must be taken to store the data securely.

Try to avoid storing sensitive data on the device and store it at the server side. If you cannot avoid it, usage of strong encryption algorithms should be considered to encrypt the data. There are libraries available for encrypting your data when you save it on the device.

Secure Preferences is one such library that can be used to encrypt data in shared preferences. This can be found at the following link https://github.com/scottyab/secure-preferences.

SQLCipher is an option for encrypting SQLite databases. SQLCipher can be found at the following link https://www.zetetic.net/sqlcipher/sqlcipher-for-android/.

It should be noted that key management is a problem when using symmetric encryption algorithms such as AES. In such cases, Password Based Encryption (PBE) is another option, where the key will be derived based on the user-entered password.

If you consider using hashing, use a strong hashing algorithm with a salt.