Blocking Screenshots
Apps containing sensitive information frequently block the system screenshot and screen recording features because of data protection. Users and other apps are then prevented from taking screenshots and from recording the device screen when the app is in the foreground.
Malwarelytics for Android is able to block screenshots and screen recordings on all app screens.
The screenshot blocking feature is applied to the app’s activities. Details about behavior and APIs relevant to activity protection can be found in Activity protection.
Configuration
This feature can be configured during the Malwarelytics initialization phase:
val raspConfig = RaspConfig.Builder()
.screenshot(BlockConfig)
// configuration of other RASP features
.build()
Available values of BlockConfig
:
Value | Description |
---|---|
NoAction |
indicates that screenshots will not be automatically blocked. |
Block |
indicates that screenshots will be automatically blocked. |
Screenshot blocking defaults to BlockConfig.Block
.
Per Activity Fine-Tuning
App designs sometimes require screenshots to be enabled on some screens and blocked on other screens containing sensitive information. For this reason, Malwarelytics for Android offers a fine-tuning API to change the blocking of screenshots per activity.
Screenshots can be enabled on an activity by calling raspManager.enableScreenshotsOnActivity(activity)
and later blocked again by calling raspManager.blockScreenshotsOnActivity(activity)
. The methods should be called from the main thread.
Both methods can be also used when the screenshot blocking feature is disabled in configuration with raspConfigBuilder.blockScreenshots(false)
. In such a scenario screenshots can be selectively enabled and later disabled on an activity.
When using the fine-tuning API the app developer is responsible for using it correctly. In the case of fragment-based app designs that means correctly enabling and blocking screenshots in fragments that are attached to the same activity. The automatic blocking feature controlled by the SDK configuration is triggered only for newly created activities.
More information on general RASP feature configuration and usage can be found in this overview.