Snippet: Treat window content securely

A quick snippet to secure content in a window from screenshots and recents menu

May 27, 2013 - 1 minute read -
android development security snippet

We are definitely at the point where we use our mobile phones and tablets for just about everything. Everything from e-mail, reading, gaming, documents, and even banking. Especially with applications like banking there’s a certain expectation of quality and protection from the developers. There’s one API that has been available since API level 1 that provides a nice layer of protection without too much effort.

Android provides the ability to set the FLAG_SECURE flag on a window. This prevents devices from being able to take a screenshot when that window is on the screen as well as displaying the window on a non-secure display. This isn’t exactly going to prevent someone from stealing data in all cases, but if someone was to get a hold of a device it would at least be a little more difficult.

public class AccountDetailsActivity extends Activity {
    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);

        getWindow().setFlags(LayoutParams.FLAG_SECURE, LayoutParams.FLAG_SECURE);
        setContentView(R.layout.activity_accountdetails);
    }
}

Including this on the more sensitive screens in your application is definitely an easy win. This is definitely not the only security precaution you should focus on, but one of many that eventually lead to a polished application.

Source (Gist) Snippet: Activity sample