As with any third-party service, it’s important for you to understand and have the ability to manage what data is sent to Shake servers. Shake SDK allows you to filter out sensitive data on the mobile device itself, so it never reaches the Shake servers.
You can mark any view as private, and it'll automatically be deleted from the screenshot. Private views are stored as a weak reference, they get cleared from the memory when not used anymore.
Let's suppose you're building a shopping cart app and you want to delete the name and the credit card number views from the screenshot:
To remove view from private views use following method:
If you want to delete the whole screen from the screenshot, simply mark the whole activity as private:
To remove an activity from the list of private views, use the following method:
If you want to clear all the private views, use the following method:
Note that these methods won't delete sensitive views from screen recordings, only screenshots.
You can use Android system flag
FLAG_SECURE on activity if you want to prevent
sensitive data from being visible in the screen recording feature.
FLAG_SECURE will make activity black in screen recordings.
You can disable Screen Recording feature if you want make sure that sensitive data is not recorded.
Marking a view as private will automatically delete its touch events' text properties too. Consequently, you'll see them as
data_redacted strings in your Activity history.
Bear in mind that the view's ID, accessibility labels and tags remain visible.
Certain network requests may contain sensitive data which you may not want to send to Shake servers.
Shake.setNetworkRequestsFilter() method to obfuscate only the sensitive parts of those requests, or to entirely prevent certain network requests from being logged.
For example, if you'd like to obfuscate the Authorization header in all network requests sent from your app, do this:
If you do not want to log specific network requests, return
null from the
NetworkRequestsFilter like below:
To clear the network requests filter, use
If your app notifications contain sensitive data, use the
method to obfuscate only the sensitive parts of those notifications, or to entirely prevent certain notifications from being logged.
For example, if you'd like to obfuscate the description of the notification event that contains e-mail, do this:
If you do not want to track a specific notification event, return
null from the
NotificationEventsFilter like below:
To clear the notification events filter, use
Automatically redacted sensitive data
By default, Shake uses a series of regular expressions to redact sensitive data from notifications, touch events and network requests.
In addition, Shake will replace any header value with
data_redacted string if the header has a key that matches any string from the list of keywords below:
To disable this feature use the method below: