In the IQ SDK documentation it states
Under security
Apps must be signed to run on a Garmin device, and unsigned apps will be deleted by the device. The Monkey C tool will automatically sign your app based on your key. Your apps will run at the Developer privilege level. Apps signed by the app store run at the Trusted privilege level. The content of their object store will be encrypted and unreadable from the Connect IQ developer tools
Under storage
Prior to API level 2.4.0, all content was persisted in the object store.
Persisted data encrypted?
Am I to understand that data persisted using the newer storage api will be encrypted on device if the app is signed by the IQ App Store? Does anyone know the key chain specifics of this encryption?