Data anonymization and pseudonymization in mobile app

TRUETECH is engaged in the development, support and maintenance of iOS, Android, PWA mobile applications. We have extensive experience and expertise in publishing mobile applications in popular markets like Google Play, App Store, Amazon, AppGallery and others.
8+Years of work900+Completed projects100+In house employees19+Partners
Development and support of all types of mobile applications:
Information and entertainment mobile applications
News apps, games, reference guides, online catalogs, weather apps, fitness and health apps, travel apps, educational apps, social networks and messengers, quizzes, blogs and podcasts, forums, aggregators
E-commerce mobile applications
Online stores, B2B apps, marketplaces, online exchanges, cashback services, exchanges, dropshipping platforms, loyalty programs, food and goods delivery, payment systems.
Business process management mobile applications
CRM systems, ERP systems, project management, sales team tools, financial management, production management, logistics and delivery management, HR management, data monitoring systems
Electronic services mobile applications
Classified ads platforms, online schools, online cinemas, electronic service platforms, cashback platforms, video hosting, thematic portals, online booking and scheduling platforms, online trading platforms

These are just some of the types of mobile applications we work with, and each of them may have its own specific features and functionality, tailored to the specific needs and goals of the client.

Offered services
Showing 1 of 1 servicesAll 1735 services
Data anonymization and pseudonymization in mobile app
Complex
~2-3 business days
FAQ
Our competencies:
Development stages
Latest works
  • image_mobile-applications_feedme_467_0.webp
    Development of a mobile application for FEEDME
    756
  • image_mobile-applications_xoomer_471_0.webp
    Development of a mobile application for XOOMER
    624
  • image_mobile-applications_rhl_428_0.webp
    Development of a mobile application for RHL
    1054
  • image_mobile-applications_zippy_411_0.webp
    Development of a mobile application for ZIPPY
    947
  • image_mobile-applications_affhome_429_0.webp
    Development of a mobile application for Affhome
    862
  • image_mobile-applications_flavors_409_0.webp
    Development of a mobile application for the FLAVORS company
    445
Show more works

Implementing Data Anonymization/Pseudonymization in Mobile Apps

Anonymization and pseudonymization — two different tools with different legal consequences. Anonymized data exits GDPR entirely: if data can't be linked to person with reasonable effort — regulator doesn't require protection. Pseudonymized data GDPR still regulates but with reduced requirements. Confusing them — typical design error.

Anonymization: When and How

True anonymization in product systems rare — full anonymization usually kills data value. But justified in two scenarios: analytics aggregates (DAU, retention by cohorts) and archived data after retention expiry.

k-anonymity — basic method: record set anonymous if each record indistinguishable from minimum k-1 others by quasi-identifiers (age, region, device). At k=5: if "iOS, Moscow, 25-30" cohort < 5 users — don't publish.

For mobile analytics: raw event export to Data Warehouse — generalize IP to /24 subnet, age to ranges, remove precise coords, replace device_id with daily-rotated hashed ID.

Pseudonymization in Practice

Pseudonymization — replace direct identifiers (email, phone, name) with reversible surrogates with separate key storage. In backend context:

Data storage:

-- Main table — pseudonymized data only
users:
  id UUID PK
  pseudonym_id VARCHAR  -- 'usr_a8f3c91d' — reversible via key vault

-- Vault table — separate DB or KMS
user_identity_vault:
  pseudonym_id VARCHAR PK
  email_encrypted BYTEA
  phone_encrypted BYTEA
  name_encrypted BYTEA
  encryption_key_id VARCHAR  -- ref to key in KMS (AWS KMS, HashiCorp Vault)

Main DB handles 99% ops with pseudonym_id. Real data queried from vault only when necessary (send email, show name in profile).

Technical Methods at Application Level

Tokenization for card numbers and sensitive financial data: real value replaced with token stored in isolated token vault (PCI DSS scope). Mobile app works only with token.

Hashing with salt for analytics IDs:

// Android — generate anonymous analytics ID
fun getAnalyticsId(userId: String, dailySalt: String): String {
    val input = "$userId:$dailySalt".toByteArray()
    val digest = MessageDigest.getInstance("SHA-256").digest(input)
    return Base64.encodeToString(digest, Base64.NO_WRAP).take(16)
}

Daily salt guarantees: user ID in analytics can't link between days without salt knowledge. Meets Apple ATT and Android Privacy Sandbox requirements.

Data Retention and Auto-Deletion

Pseudonymization without deletion policy — half-measure. For each data category — explicit retention period in schema:

-- Mark retention on creation
INSERT INTO user_events (user_id, event_type, data, delete_after)
VALUES (?, 'page_view', ?, NOW() + INTERVAL '90 days');

-- Background task (cron)
DELETE FROM user_events WHERE delete_after < NOW();
-- On delete — not DELETE, but anonymize via nulling user_id:
UPDATE user_events SET user_id = NULL WHERE delete_after < NOW();

Anonymization vs deletion preserves stats (event count by type) while losing user link.

Mobile Client Specifics

Never cache decrypted personal data in UserDefaults or SharedPreferences on client. If offline profile access needed — encrypt via Keychain/Android Keystore (AES-GCM, key in TEE). On logout — delete encrypted blob.

Pseudonymization on client: for analytics events use only analytics_id (hashed, rotating), not user_id. If analytics SDK (Firebase, Amplitude) requires user_id — send pseudonym, not real identifier.

Timeline — 2–3 days: pseudonymization schema design, vault layer implementation, retention jobs setup, analytics layer update on client.