Android offers a powerful clipboard feature, which enables users to seamlessly copy multiple URL’s, text files or even images for that matter. In addition to this, there are a lot of apps that allow users to sync data between their Android devices and PCs. All these features are great to have, but not many people are aware of the security concerns clipboards pose.
As per The Telegraph’s report, an Android security vulnerability can let malicious apps gain access to personal information on any Android device that’s not running the latest Android 10 OS. Most Android users are oblivious to the fact that any app can access their clipboard data without their permission. Not only this, but apps can also access data in the clipboard when they are running in the background.
People copy sensitive information such as bank account numbers, two-factor verification codes, internet banking passwords and paste them in various places for safekeeping not realising that this data can be accessed by apps and isn’t as private as they would believe.
Hackers can perform attacks such as Javascript injection and command injection using clipboards. Popular gaming organisations like Tencent are known to access clipboard information even though their apps don’t require clipboard access to function.
Android 10 and increased Clipboard Security
Android 10 came with a lot of new privacy upgrades, including a dedicated menu in the phone settings, more control over location data as well as web and app activity, among several others. One of the not-so-popular security add-on released with Android 10 was the restriction placed on the way apps interacted with the clipboard.
In Android 10, only the apps in focus or your default input method editor can access the clipboard. Even though this upgrade increases data security, people are known to switch between apps within minutes, and an app could gain access to vital information in that timespan. If you’re using an Android version that isn’t the latest — Android 10 — this is an even more pressing issue. But there is a way to restrict apps from accessing information stored in your clipboard using the Android debug bridge.
So, if you’re running any version older than Android 10, check out the steps mentioned below to safeguard the data on your clipboard.
Also read: How does Android 10 fare on mid-tier smartphones? 3 talking points
Using ADB to limit access to the clipboardÂ
Android debug bridge is a tool which is used by developers during the testing period of apps. We have talked about ADB in great lengths and how to set it up on your laptop and android device in our article here. So now that you have enabled ADB, let us get on with restricted apps access to your clipboard.
Step 1: Open Comand Prompt by searching for cmd in the windows menu. Step 2: Once open, type the command:Â cd c:\adb.
Step 3: Connect your device to the computer using USB. Then type adb devices in the command prompt. If you have done everything correctly till now, you will see a message on cmd showing a list of connected devices. During the same time, you will get a message on your phone to give access to the PC. Step 4:Now, type adb devices again. This time your device will be authorised. Step 5: Then type the command adb shell. Step 6: Type the command cmd appops query-op –user 0 READ_CLIPBOARD allow,This will open a list of apps which can gain access to your clipboard in the form of packages. In most cases, it is clear to which app a package corresponds to, but if that is not the case, you can install App inspector to get information about the package. Step 7: Copy the name of the package you want to remove and type cmd appops set package name READ_CLIPBOARD ignore. Before you revoke clipboard access for any app, you should know that once that’s done, you won’t be able to paste anything into the app as the clipboard functionality will be disabled. To undo what you did in Step 7 type cmd appops set package name READ_CLIPBOARD allow.
Also read: What is DNS cache and how does it work?