IDKit SDK uses AES symmetric encryption. Each record in database is encrypted separately. Application is responsible for secure storage of the 256-bit encryption key.
If I was developing similar application, I would put the key in registry encrypted with yet another key that would be embedded in application binary and possibly protected with some commercial code obfuscation tool.