Copied RSS Feed

Xamarin

Protecting Sensitive Data in the Background in Xamarin.Forms

Information security is as simple as ABC: always be careful.

                                                                                                        —Anonymous

Nowadays, mobile applications have become our daily bread. They are essential tools for developing our digital lives. We do everything through apps. We manage our bank accounts, listen to music, inform ourselves, read the news, share on social networks, and so on.

We know that we use each application for our convenience, but every time we install a new one, are we aware of the permissions we will grant it? That is, do we know the security level of any application?

I imagine everyone’s answer is a resounding no. And what we do know is that comfort and safety are antagonistic: the higher one is, the lower the other, and vice versa.

Privacy by default

The concept of privacy by default means that applications, software, or systems, from the moment they are created, should take measures to protect a user’s information (i.e. they should provide a data security facility).

For this, there are already methodologies that review the application code itself and provide guidelines for security, including data encryption, SSL-TLS protocols, vulnerability tests, audits, authentication mechanisms, storage, etc.

Just a few…

Certain applications have recently improved their features regarding the security they offer to users, such as PayPal, WhatsApp, and of course all banking applications. If we pay attention to any of them, we can see that they have a function to protect confidential information in the background.

But how do they do it?

The answer is super simple, so let’s see how we can do it in our Xamarin.Forms applications.

Let’s start with iOS

To protect our confidential information on Apple devices, we should go to the AppDelegate.cs file and enter the following methods:

  • OnResignActivation – Helps us block the content.
  • OnActivated – Helps us unlock the content.

Refer to the following code example.

using UIKit;
using Foundation;
using System.Linq;
 
namespace SensitiveData.iOS
{
    [Register("AppDelegate")]
    public partial class AppDelegate : global::Xamarin.Forms.Platform.iOS.FormsApplicationDelegate
    {
 
        public override void OnResignActivation(UIApplication application)
        {
            var blurEffect = UIBlurEffect.FromStyle(UIBlurEffectStyle.ExtraDark);
            var blurEffectView = new UIVisualEffectView(blurEffect)
            {
                Frame = application.KeyWindow.Subviews.First().Bounds,
                AutoresizingMask = UIViewAutoresizing.FlexibleDimensions,
                Tag = 12
            };
            application.KeyWindow.Subviews.Last().AddSubview(blurEffectView);
            base.OnResignActivation(application);
        }
 
        public override void OnActivated(UIApplication uiApplication)
        {
            var sub = uiApplication.KeyWindow?.Subviews.Last();
            if (sub == null)
                return;
            foreach (var vv in sub.Subviews)
            {
                if (vv.Tag == 12)
                    vv.RemoveFromSuperview();
            }
            base.OnActivated(uiApplication);
        }
 
        public override bool FinishedLaunching(UIApplication app, NSDictionary options)
        {
            global::Xamarin.Forms.Forms.Init();
            LoadApplication(new App());
 
            return base.FinishedLaunching(app, options);
        }
    }
}

On Android

Now for Android, we need to go to the MainActivity.cs file and do practically the same thing we did for iOS but in the OnPause and OnResume methods, like in the following code:

protected override void OnResume()
{
    Window.ClearFlags(WindowManagerFlags.Secure);
    base.OnResume();
}
protected override void OnPause()
{
    Window.SetFlags(WindowManagerFlags.Secure, WindowManagerFlags.Secure);
    base.OnPause();
}

Result:

Android
iOS
Images Source: Vicente Guzman GitHub

GitHub Reference: You can download the full code from GitHub.

Conclusion

For developers, application user’s data can be protected by following the steps provided in this blog post.

For the mobile application users, it is clear that if they want to protect their privacy and make their data safe (or less exposed), they must, in addition to reviewing the permissions of each application one by one, sacrifice comfort a little and perform a couple (or a few) more clicks instead of leaving all the settings as the developers of those apps would like them to be: 100% accessible.

So, use the tips given in this post and safeguard your sensitive data from unauthorized persons.

Happy coding!

About Syncfusion

Syncfusion offers over 150 UI controls for Xamarin, from basic editors to powerful, advanced controls like the DataGrid, Charts, ListView, and RTE controls. Use them to build charming applications!

If you want to send us feedback, please use the comments section below. You can also reach us through our support forumsDirect-Trac, or feedback portal. We are always happy to assist you!

If you like this post, we think you will also like the following:

Meet the Author

Vicente Gerardo Guzmán Lucio

Vicente Guzmán has more than 8 years of experience in the professional field, focusing on the development of mobile apps.
He was acknowledged as MVP of Microsoft in the category of Windows Development. Currently he works as a Mobile Project Leader, centered in the development with Xamarin technology.