2

I’m writing an app where I’d like to request the user put in their passcode (KeyguardManager.createConfirmDeviceCredentialIntent), but only if the device has been unlocked for more than X amount of time.

In iOS, this is called LATouchIDAuthenticationMaximumAllowableReuseDuration.

I thought of three ways to accomplish this on Android, but have hit a wall with each one. Anyone have any better ideas?

Idea #1: Runtime.getRuntime().exec(“dumpsys activity broadcasts history”); Issue: Requires android.permission.DUMP which is only available to system level applications

Idea #2: Runtime.getRuntime().exec(“logcat -d |grep USER_PRESENT”); Issue: As of Android 4.1, logs originating from sources other than your app are filtered out.

Idea #3: Set up a broadcast receiver for USER_PRESENT and log all screen unlocks. Issue: As of API 26, this is ignored if registered in the manifest and needs to be registered at runtime which is unreliable.

Sooo.. any other ideas?

Thanks!

Steven L
  • 15,304
  • 1
  • 21
  • 16
  • A better option- don't look at system unlocks. Have the user put in their passcode the first time your app is used, and then ask for it again after X amount of time. If you really care about security and are worried about someone leaving a device around unlocked, then being even more proactive is better. – Gabe Sechan Aug 07 '19 at 19:55

0 Answers0