...
Classes and class members should be given the minimum access possible so that malicious code has the least chance of compromising their security. As far as possible, sensitive classes should avoid implementing interfaces. This is because only public methods are allowed to be declared within interfaces and these carry forward to the public Application Programming Interface (API) of the class. An exception is implementing an unmodifiable interface that exposes a public immutable view of a mutable object (SEC01SEC14-J. Provide sensitive mutable classes with unmodifiable wrappers). Additionally, be aware that even if a class's visibility is default, it can be susceptible to misuse if it exposes a public method.
...