To support this, add this to manifest inside application tag:

android:allowBackup="true" android:defaultToDeviceProtectedStorage="true" android:directBootAware="true"

Then you just need to store all eventual settings (that come in the future) in device-encrypted storage instead of credential-encrypted storage.