Accessibility Services Simple Allowlisting | Guardsquare

Written by Guardsquare | Feb 12, 2024 2:28:12 AM

Guardsquare recommended technique

	Technique Summary
Technique	Accessibility services allowlisting
Against	Malicious accessibility services
Limitations	None
Side effects	Accessibility services that do not belong to the allowlist will not work
Recommendations	Recommended for use combined with other techniques.

Simple allowlisting

A simple strategy for application developers to detect potentially malicious applications present on the device can be to list all applications that have enabled accessibility services and check them against a predefined list.

A list of the activities with enabled accessibility services can be obtained with the code in the snippet below:

static boolean isAccessibilityServiceAllowed(Context context) { List allowedServices = Arrays.asList("com.mytrusted.assistant", "com.trusted.package"); AccessibilityManager am =(AccessibilityManager) context.getSystemService(Context.ACCESSIBILITY_SERVICE); List services = am.getEnabledAccessibilityServiceList(FEEDBACK_ALL_MASK); for (AccessibilityServiceInfo asi : services) { if (!allowedServices.contains(asi.getId())) return false; } return true; }

Accessibility Services Simple Allowlisting | Guardsquare

Simple allowlisting

Extensions