[Mobile Application]
Security Research Center
Secure flag
Guardsquare recommended technique
Technique summary | |
Technique | Secure flag |
Against | Screen recording attacks |
Limitations | None |
Side effects | Protected views do not appear on screenshots or recordings, and cannot be shared with remote viewing software |
Recommendations | Recommended for use |
The use of FLAG_SECURE
is a well-known Android security measure to prevent sensitive data being leaked through the screen.
One specific issue that FLAG_SECURE
does not address on older Android versions is that the keyboard and cursor are visible while FLAG_SECURE
is set on the application activity in such a way that it is possible to retrieve the sensitive data. Please see secure in-app keyboard for more information.
Guardsquare
Connect with the author
Table of contents