Data like Oauth Token, key & Secrets are stored in text format in the databases which are internally integrated with gateways. Although Data stored in the database can be accessed by Gateway only, this point should be always mitigated by having encryption or masking over such data while storing in internal databases. Community, have a look into this and share your views.