Android Backup Prevention
| Plan | Platforms | MASVS |
|---|---|---|
| Team | Android | MASVS-STORAGE-2 |
Overview
Android Backup Prevention disables Android's automatic backup mechanisms to prevent sensitive application data from being extracted through device backup channels. This control is applied at build time by setting the protected app's backup policy in the application manifest.
How It Works
Android applications can participate in automatic cloud backup (Auto Backup for Apps, introduced in Android 6.0) and local device backup accessible via ADB. When enabled, application data—including shared preferences, databases, and internal storage files—can be backed up and restored.
BackupPrevention disables these mechanisms by configuring the application manifest:
android:allowBackup="false": Blocks Auto Backup to Google Drive and preventsadb backupfrom extracting application data.
This is a build-time control—the manifest is modified during APK compilation and cannot be changed at runtime.
Note: Advanced backup controls like
android:dataExtractionRules(Android 12+) andandroid:fullBackupContentare not currently configured by this control. The primary mechanism is disabling backup entirely viaallowBackup="false".
How to Enable the Control
Navigate to Preventative Controls from the AppTego portal, and expand the Data Sharing Protection section. Under this section you will find the Disable Android Backup control. Click Enable to enable it for the next build or for it to be applied with a live push (if enabled).
API Configuration Example
{
"BackupPrevention": {
"protection": true
}
}| Field | Purpose |
|---|---|
protection | Enables disable android backup for protected apps. |
Threats Mitigated
- Physical Device Access: An attacker with physical access or ADB debugging privileges cannot use
adb backupto extract application data. - Cloud Backup Exposure: Prevents sensitive data from being automatically backed up to Google Drive or other cloud providers where it may be accessible via compromised accounts.
- Device-to-Device Transfers: Blocks data migration during device transfers that could expose information on a secondary device.
- Rooted Device Extraction: Reduces risk of backup-based data exfiltration on compromised devices where backup archives might be accessed.
Caveats
- No Data Restoration: Users cannot restore application data when reinstalling the app or migrating to a new device. Any local app state will be permanently lost on uninstall.
- User Experience Impact: Applications requiring data persistence across installs (e.g., offline content, user preferences) may frustrate users who expect standard Android backup/restore behavior.
- Conflicts with Host Configuration: If the host application already specifies
allowBackupor custom backup rules (fullBackupContent.xml,dataExtractionRules.xml), the build pipeline forcibly setsallowBackup="false", which may conflict with the host's intended backup strategy.
Support Matrix
| Platform | Minimum Version | Notes |
|---|---|---|
| Android | API 26 (8.0) | Supported. Applied via manifest merge at build time. |
| iOS | — | Not supported. See BackupProtection for iOS-specific backup controls. |
Related Controls
- BackupProtection (iOS): Separate iOS-specific control for keychain and file backup protection.