¡Caminando hacia el éxito!

Aprende en Comunidad

Avalados por :

Ways to Secure Sensitive Data in the App Switcher: Best Practices and Implementation

  • Creado 01/03/2024
  • Modificado 01/03/2024
  • 23 Vistas
0
Cargando...
Hello community,

A while ago, I was giving a workshop and a question came up regarding sensitive data being displayed when an app enters the background and becomes visible in the App Switcher. I thought this could be interesting for some of you out there so I am writing this small blog post which will show different ways of hiding sensitive data in the App Switcher.

First of all, if we talk about the privacy and security of enterprise apps or any apps which contain sensitive data you have to find a way to make sure the user's data is always secured. One way would be to let the user do an authentication every time the app enters the foreground, which is not really what we want right. Forcing the user to authenticate constantly is really cumbersome and not great when it comes to User Experience.

Using SAP Mobile Services you can change the client policies of your app to have a kind of "session timeout" after some time. This could be an interesting way to make sure that if the user hasn't used the app in a while that a re-authentication is necessary. The authentication, in that case, would be re-entering the app's passcode set by the user during the onboarding process.

But now what happens with the screenshots that have been taken by the OS when switching apps?

So there are several ways of preventing to have sensitive user data visible in the app's screenshot in the App Switcher. Let's see what we can do:

Hide sensitive data before going into the background


Before your app enters the background you can go and adjust the UI to delete or simply not show the user's sensitive. Depending on your UI that can be a bit cumbersome with the state restoration because you have to fill back in the stripped out UI when the app gets active again.

There are two ways to know when the app is about to switch from active to inactive: you can implement the applicationWillResignActive(_:) method in the AppDelegate of your app, another way would be registering to the UIApplication.willResignActiveNotification . The latter approach allows it to do that at any point in your app code.
override func viewDidLoad() {
    super.viewDidLoad()
    let notificationCenter = NotificationCenter.default
    notificationCenter.addObserver(self, selector: #selector(doSomething), name: UIApplication.willResignActiveNotification, object: nil)
}

@objc func doSomething() {
    print("Remove user sensitive data!")
}

The downside of manipulating the data or the UI when going into the background is that in the state restoration of the app you have to make sure that everything is back to the original state. That can become fairly cumbersome and complicated if you have screens with a lot of user input fields.

Blur the App's Screenshot for the App Switcher


Another approach that is less work for the developer but equally good in my personal opinion is to just blur out the app's screenshot which gets displayed in the App Switcher.

To do so you can implement the blurring and take/replace the screenshot in the App Delegate in just a few lines of code.

Let's see how that works:

In the App Delegate, you can utilize the applicationWillResignActive(_:) method to take a screenshot, apply a blur effect and set it as current view in the app's window instance.

Pedro Pascal
Se unió el 07/03/2018

Pinterest
Telegram
Linkedin
Whatsapp

Sin respuestas

No hay respuestas para mostrar No hay respuestas para mostrar Se el primero en responder

contacto@primeinstitute.com

(+51) 1641 9379
(+57) 1489 6964

© 2024 Copyright. Todos los derechos reservados.

Desarrollado por Prime Institute

¡Hola! Soy Diana, asesora académica de Prime Institute, indícame en que curso estas interesado, saludos!
Hola ¿Puedo ayudarte?