do you know if is this even a problem?
im assuming if you are using a foss client it can be verified how the client stores your key and make sure it doesnt leave your device. or is it the OS (android and ios) that we are worried about?
Discussion
is a app worried ... like i say in other comment ... you have amber: