Member-only story
Restrict Screen capture- Secure your on screen data
Part 4- Secure Android App Development
Some apps present sensitive data (e.g. passwords, credit card details, OTP codes in banking apps) or copyright-protected content (e.g. video streaming apps). Mobile Application Security Verification Standard — Platform states that the app should ensures that this data doesn’t end up being unintentionally leaked due to platform mechanisms such as auto-generated screenshots or accidentally disclosed via e.g. shoulder surfing or sharing the device with another person.
We will look at how to prevent the “auto-generated screenshots” part of the problem.
We can opt to use the Android platform’s FLAG_SECURE setting to prevent the screen from being captured, recorded, or mirrored on other displays
Setting the FLAG_SECURE prevents the app screens from recorded using-
- Screenshot
- Screen Recording,
- Screen Mirroring
Code Snippet
fun preventScreenCapture(activity: AppCompatActivity) {
activity.window.setFlags(
WindowManager.LayoutParams.FLAG_SECURE,
WindowManager.LayoutParams.FLAG_SECURE
)
}We can use this for any specific activities by adding it before setContentView() on onCreate() of the Activity
To add this to the entire app, we can add it to the onCreate of the BaseActivity which will be extended by all the other…
