Visa Inc.
METHODOLOGY TO OBFUSCATE SENSITIVE INFORMATION IN MOBILE APPLICATION BACKGROUND SNAPSHOT

Abstract:

Techniques described herein are directed to a system which prevents unintended data leakage by intelligently masking/obfuscating sensitive data by carefully listening for application lifecycle events and acting upon those events. The system may manipulate the data which will be displayed just before the creation of a snapshot by the OS. The system may identify all data fields from the last-seen screen for the software application which are marked as sensitive and then obfuscate those data fields. Thus, the system can mask the sensitive data that appears in the last-seen screen, such that any snapshot taken during this time, all the sensitive fields will be obfuscated. Once the application enters to the foreground state completely, reverse logic can be applied for removing the masking to present actual data. Thus, the system maintains the security of sensitive data while minimizing any impact on the user experience.