diff --git a/best-practices/MASTG-BEST-0029.md b/best-practices/MASTG-BEST-0029.md new file mode 100644 index 00000000000..f597f38536d --- /dev/null +++ b/best-practices/MASTG-BEST-0029.md @@ -0,0 +1,110 @@ +--- +title: Marking UI Views as Containing Sensitive Data +alias: marking-ui-views-sensitive-data +id: MASTG-BEST-0029 +platform: android +knowledge: [MASTG-KNOW-0108] +available_since: 35 +--- + +## Overview + +Starting with Android 16 (API level 35), developers should mark sensitive UI views using the [`accessibilityDataSensitive`](https://developer.android.com/reference/android/view/View#attr_android:accessibilityDataSensitive) attribute to protect against malicious accessibility services. This protection prevents unauthorized apps with accessibility permissions from reading sensitive view content or performing interactions unless they are declared as legitimate accessibility tools via [`isAccessibilityTool`](https://developer.android.com/reference/android/accessibilityservice/AccessibilityServiceInfo#FLAG_ACCESSIBILITY_TOOL). + +## Recommendation + +Apply `accessibilityDataSensitive="true"` to views that handle or display sensitive information, such as: + +- Login screens (username and password fields) +- Payment and transaction confirmation screens +- Personal information forms (SSN, credit card numbers, etc.) +- Two-factor authentication inputs +- Biometric authentication prompts +- Any view displaying confidential user data + +### XML Implementation + +```xml + + +