Secure Background Screen Preview in Xamarin

If your mobile application has sensitive information, you will go to great lengths to secure it. However one sneaky way, sensitive information can leak, is through the background screen preview. When your app goes to the background, the OS, will take a screenshot and use this as a preview of your app. If you then handed your phone to someone else, and they looked through the open apps, they would see a screenshot of your app, possibly with sensitive information on it. To avoid this, we can blur or hide the screenshot taken, to hide sensitive information.

Xamarin.iOS

You have a few ways to do this, but the easiest is to set a blur when the AppDelegate calls OnResignActivation. Place the following in your AppDelegate of your Xamarin.iOS app. This creates a blur effect on the main window, when OnResignActivation is called, then removes it, when OnActivated is called.

UIVisualEffectView _blurWindow = null;

public override void OnActivated(UIApplication application)
{
    base.OnActivated(application);

    _blurWindow?.RemoveFromSuperview();
    _blurWindow?.Dispose();
    _blurWindow = null;
}

public override void OnResignActivation(UIApplication application)
{
    base.OnResignActivation(application);

    using (var blurEffect = UIBlurEffect.FromStyle(UIBlurEffectStyle.Dark))
    {
        _blurWindow = new UIVisualEffectView(blurEffect)
        {
            Frame = UIApplication.SharedApplication.KeyWindow.RootViewController.View.Bounds
        };
        UIApplication.SharedApplication.KeyWindow.RootViewController.View.AddSubview(_blurWindow);
     }
}

On the left is the unsecured image, on the right, is the secured image. You can change the blur effect to Light, Regular or any of the other options listed.

Xamarin.Android

Android, is much easier. In your MainActivity.cs, in the OnCreate, just add the WindowManagerFlags.Secure flag. When setting Window flags, I always tend to do it after Xamarin.Forms has loaded, to ensure it isn’t overwritten either now, or in future updates. You need to make sure your code, gets the last word.

protected override void OnCreate(Bundle bundle)
{           
    TabLayoutResource = Resource.Layout.Tabbar;
    ToolbarResource = Resource.Layout.Toolbar;

    base.OnCreate(bundle);

    global::Xamarin.Forms.Forms.Init(this, bundle);
    LoadApplication(new App());

    Window.SetFlags(WindowManagerFlags.Secure, WindowManagerFlags.Secure);
}

When we run the app, you can see the one on the left is not secure, the one on the right is with the secure flag set.


XAMARIN.FORMS MONTHLY NEWSLETTER

JOIN 1,200+ SUBSCRIBERS

  1. Don't miss out on updates
  2. The latest info from this site, Xamarin and the community
  3. Unsubscribe at any time*

* We use MailChimp, with double opt-in, and instant unsubscribe

Microsoft MVP | Xamarin MVP | Xamarin Certified Developer |
Exrin MVVM Framework | Xamarin Forms Developer | Melbourne, Australia

2 Comments

  1. Jonathan Dibble

    Great article Adam.

    I found that on Android I needed to make the Window.SetFlags method call in the OnResume of MainActivity. It is isn’t done there, the content of the screen remains visible if you do this:
    1. Put the app in the background
    2. Select it from the preview
    3. Put it in to the background again

    Thanks for all your posts, I do find them interesting and informative.

    Cheers
    Jonathan