How to Detect Screen Capture & Recording using Kotlin

Screenshots and screen recordings may seem harmless, but in sensitive apps (banking, fintech, healthcare, messaging), they can expose confidential user data. Luckily, modern tools make it possible to detect and respond to these risks effectively.

What is Screen Capture & Recording?

Screen capture/recording refers to when users take screenshots or record your app’s screen. While capturing itself doesn’t impose threat, malicious actors can exploit it to steal sensitive information.

Attackers often use:

• Built-in Android screenshots/recording tools

• Third-party screen recorder apps

• Malware that captures the screen without consent

Statistics

This problem is not as insignificant, as it looks like. Our data shows, that around 1.5% of devices on which screenshot was detected; and 0.1% where recording was detected.

How to Detect Screen Capture/Recording?

Detecting screen capture is tricky, since Android doesn’t offer a universal system-level API for all cases. DIY methods (like flagging windows with FLAG_SECURE) work only partially and can break user experience.

To provide reliable and strong detection, it's good idea to use specialised, continuously updated SDKs.

These can provide:

• Newly updated detection techniques

• Deeper check of device

• Nice API for end developer to interact with, rather than reinventing a wheel

freeRASP (by Talsec)

• Strong screenshot and screen recording detections

• Actively maintained (changelog)

• Comes with 14 extra detections like app integrity, Frida and hooking, emulators, debugging, screenshots, etc.

• Used by 6000+ apps; #1 Mobile RASP SDK by popularity (link)

Integration Example:

Talsec.start(applicationContext)

override fun onScreenshotDetected() {
    Log.w("freeRASP", "Screenshot detected!")
    // Optionally block sensitive actions or warn the user
}

override fun onScreenRecordingDetected() {
    Log.w("freeRASP", "Screenshot detected!")
    // Optionally block sensitive actions or warn the user
}