6

For one of our secure apps, there is a requirement to disable the screenshot capability for the app in Android ICS. Is this possible on a non-rooted device?
Thanks,
Rajath

Rajath
  • 11,787
  • 7
  • 48
  • 62
  • Is this in a corporate environment where you control the devices, or just a normal market application? If you control the device, it might be possible to prevent screenshots, but just taking a photo will always work. And for normal applications you shouldn't even try. – CodesInChaos Feb 13 '12 at 16:20

2 Answers2

14

Why don't you add this line in your activity class. This will do the trick.

// This disables screen shot to be taken for current activity
getWindow().setFlags(LayoutParams.FLAG_SECURE, LayoutParams.FLAG_SECURE);

You may want to have a look at Mark Murphy's blog post.

Paul Lammertsma
  • 37,593
  • 16
  • 136
  • 187
Android
  • 3,828
  • 9
  • 46
  • 79
  • Note that this may not work on all pre-ICS devices, as their screenshot implementation may not be standard and therefore not acknowledge [`FLAG_SECURE`](http://developer.android.com/reference/android/view/WindowManager.LayoutParams.html#FLAG_SECURE). – Paul Lammertsma Nov 12 '12 at 10:32
1

This will never be possible, period end of story. Its also possible for the owner of the device to obtain any encryption keys used by your application by reading memory using a debugger. This can be used decrypt any "sensitive" imagery used by the app.

rook
  • 66,304
  • 38
  • 162
  • 239
  • 2
    And in the worst case one can just take a photo. – CodesInChaos Feb 13 '12 at 16:20
  • @Rook and CodeInChaos, thanks for your inputs. I think the requirements don't mandate such a strong security policy. I came across [FLAG_SECURE](http://developer.android.com/reference/android/view/WindowManager.LayoutParams.html#FLAG_SECURE) which might do the trick – Rajath Feb 14 '12 at 05:50
  • @CodesInChaos Usually the point of disabling screen capturing is to prevent background apps (possibly malware) from obtaining sensitive information. – Paul Lammertsma Nov 12 '12 at 10:28
  • @Paul Lammertsma all the more reason why it won't work. Malware is going to jailbreak the device. – rook Nov 12 '12 at 10:38
  • @Rook As of this writing, there are no Android apps that can root a device without user interaction. – Paul Lammertsma Nov 12 '12 at 10:42
  • @Paul Lammertsma Very very untrue. I am guessing you don't pay attention to the pwn2own competition... – rook Nov 12 '12 at 10:44
  • 1
    @Rook It would be a useful addition to others reading this thread if you can provide a little more information and I'm really interested in reading up! That being said, I don't think a good argument against using `FLAG_SECURE` is that users might acquire root permissions. Furthermore, debugging is disabled on release builds and even if a debug build were deployed on a device, ADB would have to manually be enabled through user interaction first. Debating the implications of root or how to get it is perhaps a discussion in its own right. – Paul Lammertsma Nov 12 '12 at 10:51