In this chapter, we have discussed various data storage mechanisms used by Android frameworks. We have seen how shared preferences, SQLite databases, and internal and external storage is used to insecurely store data. The backup techniques allowed us to perform the same techniques as on a rooted device with only a few extra steps, even on non-rooted devices. In the next chapter, we will discuss techniques to find vulnerabilities in the server side of a mobile app.