Hide non-system overlays

      Technique summary
    Technique Hide non-system overlays
    Against View injections
    Limitations API Level ≥31 (Android ≥12)
      Does not protect against activity injections
      setHideOverlayWindows requires permission, Manifest.permission.HIDE_OVERLAY_WINDOWS.
    Side effects None
    Recommendations Recommended for use combined with other techniques

    Starting at API 31 (Android 12), Android introduced a definitive feature to protect against malicious overlays. To use this feature, call the method setHideOverlayWindows(true) on your specified activity windows.

    Apply this to every activity view that requests sensitive information from the user, such as pin codes, passwords, credit card details, etc. Doing so will prevent non-system overlays from obscuring such views on recent Android versions.

    Button detectOverlayButton = (Button)findViewById(R.id.btnDetect); detectOverlayButton.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { MainActivity.this.getWindow().setHideOverlayWindows(true); } });



    Table of contents