How to Block Screenshots, Screen Recording, and Remote Access Tools in Android and iOS Apps

Tomáš Soukal provides an in-depth guide on how to block screenshots, screen recording, and remote access tools in Android, Flutter, React Native, and iOS apps.


Last updated 27 days ago


"For Your Eyes Only" Principle

Ever felt embarrassed after accidentally leaking your account balance, private messages, or personal photos and videos? As app developers, we’re often tasked with preventing such privacy breaches. Fortunately, implementing the right countermeasures is simpler than you think—and I’ll show you how.

For Your Eyes Only isn’t just a catchy phrase—it’s rooted in espionage history and made famous by the 1981 James Bond film. Originally used to label highly classified documents intended solely for authorized eyes, it perfectly captures the essence of protecting user data in mobile apps. When it comes to your users’ sensitive information, it truly should be for their eyes only.

Let’s explore a few common mobile app scenarios where you might want to enhance privacy and security:

  • Hide Everything: Protect highly sensitive content like health reports, password screens, account balances, recent transactions, and browsing history.

  • View, But Don’t Share: In galleries, stories, and dating apps, guard against unauthorized sharing by blocking screenshots and screen recording.

  • Leakage Awareness: Notify users if someone takes a screenshot of their stories, reels, or other ephemeral content.

  • Combat Social Engineering & Phishing: Block remote access tools like TeamViewer or AnyDesk to prevent attackers from stealing data or tricking users in phishing scams.

| Category | Examples | Threat |
|---|---|---|
| Screenshot & Device built-in Screenshot and Recording apps | Default system apps on many devices | Global data leakage |
| Remote Desktop Control Apps | TeamViewer, AnyDesk | Social engineering, global data leakage |
| Chromecast / Miracast screen sharing apps | Screen Mirroring - Miracast | Local data leakage |
| Third Party Screenshot & Recording apps | AZ Screen Recorder, Loom | Global data leakage |
| ADB Video Stream / Control | Vysor, scrcpy | Local data leakage |
| ADB Screenshot | adb exec-out screencap -p > screen.png | Global data leakage |

RASP Solution

Blocking / Unblocking Screen Capture

Talsec provides comprehensive protection against all listed categories of screen capture apps, ensuring your app’s content remains secure. All previously listed categories can be blocked, with the screen appearing black in screenshots, recordings, or casting.

To easily implement this protection, simply use the Talsec.blockScreenCapture(this, true) method within your application.

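import android.app.Activity;
import android.app.Application;
import android.os.Bundle;

import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
// The Talsec class is imported from the Talsec SDK

public class DemoApplication extends Application {

    @Override
    public void onCreate() {
        super.onCreate();

        // Talsec initialization code
        // ...

        // Register a callback to listen to activity lifecycle events
        registerActivityLifecycleCallbacks(new ActivityLifecycleCallbacks() {
            @Override
            public void onActivityCreated(@NonNull Activity activity, @Nullable Bundle bundle) {
                // Block (true) or unblock (false) screen capturing
                Talsec.blockScreenCapture(activity, true);
            }

            // The remaining interface methods must be implemented but need no logic here
            @Override public void onActivityStarted(@NonNull Activity activity) {}
            @Override public void onActivityResumed(@NonNull Activity activity) {}
            @Override public void onActivityPaused(@NonNull Activity activity) {}
            @Override public void onActivityStopped(@NonNull Activity activity) {}
            @Override public void onActivitySaveInstanceState(@NonNull Activity activity, @NonNull Bundle outState) {}
            @Override public void onActivityDestroyed(@NonNull Activity activity) {}
        });
    }
}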

Result

The protected application will display as a blank (black) screen in screenshots, screen recordings, screen casting, or when accessed through remote access tools like TeamViewer.

Screenshot Detection Integration

Screenshot detection is integrated by overriding onStart() and onStop() in the Activity class. The Activity notifies Talsec about the screenshot through Talsec.onScreenshotDetected(). The SDK processes the event further and returns it to the application via the onScreenshotDetected() callback.

Our RASP provides a convenient callback method:

override fun onScreenshotDetected() {
    // your custom logic here
}

To use it, add the following to your Activity:

Screenshot Detection requires a target Android SDK of at least 34 (Android 14, API Level 34, Upside Down Cake).

[AndroidManifest.xml]
<uses-permission android:name="android.permission.DETECT_SCREEN_CAPTURE" />
[MainActivity.kt]
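import android.app.Activity.ScreenCaptureCallback
import android.os.Build
import android.os.Bundle
import androidx.activity.ComponentActivity

class MainActivity : ComponentActivity() {
    // Nullable: stays null on API levels below 34, where no callback is registered
    private var screenCaptureCallback: ScreenCaptureCallback? = null

    override fun onCreate(savedInstanceState: Bundle?) { … }

    override fun onStart() {
        super.onStart()
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.UPSIDE_DOWN_CAKE) {
            // Forward every detected screenshot to Talsec
            val callback = ScreenCaptureCallback { Talsec.onScreenshotDetected() }
            screenCaptureCallback = callback
            registerScreenCaptureCallback(mainExecutor, callback)
        }
    }

    override fun onStop() {
        super.onStop()
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.UPSIDE_DOWN_CAKE) {
            // Unregister only if a callback was actually registered in onStart()
            screenCaptureCallback?.let { unregisterScreenCaptureCallback(it) }
            screenCaptureCallback = null
        }
    }
}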

Screen Recording Detection Integration

Screen recording detection is integrated by overriding onStart() and onStop() in the Activity class. The Activity notifies Talsec about the screen recording through Talsec.onScreenRecordingDetected(). The SDK processes the event further and returns it to the application via the onScreenRecordingDetected() callback.

Our RASP provides a convenient callback method:

override fun onScreenRecordingDetected() {
    // your custom logic here
}

To use it, add the following to your Activity:

Screen Recording Detection requires a target Android SDK of at least 35 (Android 15, API Level 35, Vanilla Ice Cream).

[AndroidManifest.xml]
<uses-permission android:name="android.permission.DETECT_SCREEN_RECORDING" />
[MainActivity.kt]
import android.os.Build
import android.os.Bundle
import android.view.WindowManager.SCREEN_RECORDING_STATE_VISIBLE
import androidx.activity.ComponentActivity
import java.util.function.Consumer

class MainActivity : ComponentActivity() {
    // Receives the recording state each time it changes
    private val screenRecordCallback = Consumer<Int> { state ->
        if (state == SCREEN_RECORDING_STATE_VISIBLE) {
            Talsec.onScreenRecordingDetected()
        }
    }

    override fun onCreate(savedInstanceState: Bundle?) { … }

    override fun onStart() {
        super.onStart()
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.VANILLA_ICE_CREAM) {
            val initialState =
                windowManager.addScreenRecordingCallback(mainExecutor, screenRecordCallback)
            screenRecordCallback.accept(initialState)
        }
    }

    override fun onStop() {
        super.onStop()
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.VANILLA_ICE_CREAM) {
            windowManager.removeScreenRecordingCallback(screenRecordCallback)
        }
    }
}

Free and Business Approaches to Prevent Screen Capture Threats

To effectively block all screen capture threats, both free and business approaches can be used, depending on your security needs. For those seeking a cost-effective solution, freeMalwareDetection and freeRASP offer foundational protection. These tools can block basic screen capture threats while incorporating malware detection technologies to uncover Remote Access Tools (RATs) by searching for package names and risky permissions. This provides a robust initial layer of security without the need for a premium plan.

For businesses looking to implement a more complex, customizable security solution, RASP+ provides advanced features that go beyond simple threat detection. With built-in reactions, Malware Detection, Overlay Detection, and Accessibility Services Misuse Detection, businesses can create a comprehensive defense strategy. Additionally, incidents such as screenshots and screen recording attempts are recorded in logging data, enabling thorough tracking.

At Talsec, we set out to solve this problem elegantly by introducing three simple methods to tackle it effectively: blockScreenCapture, onScreenshotDetected, and onScreenRecordingDetected. You will find them in both freeRASP and RASP+ on all supported platforms (Android, Flutter, React Native, Capacitor, Cordova, iOS).

Penetration Testing Defense: Skilled testers often use remote access tools to demonstrate data leakage vulnerabilities—make this an impossible win by securing against RAT exploits. Check the OWASP Mobile Security Standard requirement MASWE-0055.

written by Tomáš Soukal
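The search for package names and risky permissions mentioned in this section can be sketched with the platform PackageManager. This is an added example, not part of the original article and not Talsec's detection logic; the watchlist entries, the permission selection, and the names Finding, assess and scanInstalledApps are assumptions of the example.

```kotlin
import android.Manifest
import android.content.Context
import android.content.pm.PackageManager

// Watchlist for the remote access tools the article names. These package names are
// assumptions of this example; verify them against the current store listings.
val remoteAccessPackages = setOf(
    "com.teamviewer.quicksupport.market", // TeamViewer QuickSupport (assumed)
    "com.anydesk.anydeskandroid",         // AnyDesk (assumed)
)

// Requested permissions treated as risky here (an illustrative selection).
val riskyPermissions = setOf(
    Manifest.permission.SYSTEM_ALERT_WINDOW,                 // draw over other apps
    Manifest.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION, // screen capture service
)

data class Finding(val packageName: String, val reasons: List<String>)

// Decision logic kept free of PackageManager so it can be unit-tested on the JVM.
fun assess(
    packageName: String,
    requestedPermissions: List<String>,
    servicePermissions: List<String?>,
): Finding? {
    val reasons = mutableListOf<String>()
    if (packageName in remoteAccessPackages) reasons += "known remote access tool"
    requestedPermissions.filter { it in riskyPermissions }.forEach { reasons += "requests $it" }
    // A service guarded by this permission is an accessibility service, which can
    // read screen content and inject input.
    if (Manifest.permission.BIND_ACCESSIBILITY_SERVICE in servicePermissions) {
        reasons += "declares an accessibility service"
    }
    return if (reasons.isEmpty()) null else Finding(packageName, reasons)
}

// Scans the packages visible to this app. From Android 11 that set is filtered by
// package visibility, so the watched packages must be listed under <queries>.
fun scanInstalledApps(context: Context): List<Finding> {
    val flags = PackageManager.GET_PERMISSIONS or PackageManager.GET_SERVICES
    return context.packageManager.getInstalledPackages(flags)
        .filter { it.packageName != context.packageName }
        .mapNotNull { info ->
            val requested = info.requestedPermissions?.toList().orEmpty()
            val guarded = info.services?.map { it.permission }.orEmpty()
            assess(info.packageName, requested, guarded)
        }
}
```

Treat the findings as signals to weigh rather than verdicts: overlays and accessibility services are also used by legitimate apps such as password managers.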


Tomáš Soukal is a Senior Mobile Security Developer, OWASP MAS contributor, and Product Owner of Talsec RASP, specializing in app hardening and mobile security. When he's not crafting secure code, you can find him owning the dance floor as an avid dancer.
