Not only are the established methods for secure erasure ineffective, but they also eat up valuable write cycles on flash chips for no tangible benefit - every write to a flash memory device is in effect a small amount of damage to the device, which when taken cumulatively over a long period of time, will eventually lead to the catastrophic failure of that device.
Worse yet is no ordinary software forensic toolset can even see that this data exists - the device consistently maps even the lowest level APIs around the hidden data - direct, physical methods of reading the data off the chips, or discovery of secret manufacturer APs that may or may not exist in any given product are the only chance to see it - the operating system is oblivious in every case, so there's no way anyone but the manufacturer itself, or a destructive examination inf a forensic lab can tell for sure.
With all that said, with extremely rare exceptions i can count on the fingers of one hand like gpg, the only software packages that even attempts to do secure deletion, in any environment, are standalone secure deletion utilities. The assumption should always be that an application does not provide secure deletion, or even secure storage of data at rest, because this is almost universally true, even in supposedly security conscious applications. If it doesn't make any specific claims about secure erasure, it most certainly doesn't do it. Insecure storage, and cleartext data at rest are the norm, even in 2016, even in supposedly "secure" applications.
Using full disk encryption, with a robust passphrase lock, or a robust passphrase lock coupled with biometrics should be the default for anyone carrying sensitive information on a mobile device.