Overlay Prevention
| Plan | Platforms | MASVS |
|---|---|---|
| Free | Android | MASVS-PLATFORM-3 |
Overview
Overlay Prevention helps protect Android users from tapjacking and UI redress attacks by reducing the ability of another app to obscure or interfere with AppTego-protected screens. Malicious overlays can trick users into tapping hidden controls, entering credentials into fake UI, or approving actions they did not intend.
When enabled, AppTego applies platform-supported overlay protection to protected app windows.
When To Use It
Use this control for:
- Login, MFA, payment, wallet, account recovery, and approval screens.
- Apps where fake UI or tapjacking could trigger sensitive actions.
- Banking, healthcare, identity, enterprise, and government applications.
- Apps that should not be operated while another app is covering the UI.
How It Works
The protected Android app applies platform overlay protections that reduce the risk of obscured or redirected touch interaction. AppTego does not publish exact event flags, window APIs, lifecycle hooks, or OS-version-specific implementation details in public documentation.
For visible user alerts and telemetry when overlays are detected, use Overlay Detection alongside this control.
How to Enable the Control
Navigate to Preventative Controls from the AppTego portal, and expand the Runtime Environment Hardening section. Under this section you will find the Overlay Prevention control. Click Enable to enable it for the next build or for it to be applied with a live push (if enabled).
API Configuration Example
{
"OverlayPrevention": {
"protection": true
}
}| Field | Purpose |
|---|---|
protection | Enables overlay prevention on supported Android windows. |
Compatibility Notes
- Legitimate overlays include accessibility tools, floating widgets, system UI, chat bubbles, screen-recording indicators, and some OEM features.
- Users who rely on assistive technology may be affected. Test accessibility workflows before enabling broadly.
- On older Android versions, the operating system may provide more limited overlay handling than newer versions.
- Pair with Overlay Detection and Accessibility Service Detection when you need both prevention and user-facing guidance.