Configure callbacks on Android

When App Shielding performs security checks, it can either be configured to exit directly, or it can be configured to notify the application about the security event using a callback interface. This callback API is provided as part of the App Shielding package and must be integrated into the application source.

To configure App Shielding to provide security check results

1. Ensure that:

   • The relevant security feature is enabled in the configuration.

   • The feature is not configured to exit the application when a security problem is detected.

2. Create a class that implements the no.promon.shield.callbacks.ExtendedObserver interface. This interface defines the handleCallback method that is invoked several times with different CallbackData objects, where CallbackData contains data for the relevant security condition.

3. The callback class must be registered with App Shielding. This is performed by calling the static method addObserver(context, observer) of the no.promon.shield.callbacks.CallbackManager class.

   The arguments given to this method are the current Activity/Service/Context object and an instance of the class implementing the ExtendedObserver interface.

App Shielding performs security checks at different times in the application lifecycle. To ensure that the callback object is notified as soon as possible, a separate security check is performed whenever an observer is registered. This, in turn, will trigger callbacks.

Be careful about thread safety. It is not safe to assume that the callbacks will be called from the UI thread.

You can see an example of how to use the callbacks in the sample that is provided with the package.

For more information about configuring the App Shielding behavior after performing a security check, see OneSpan Customer Portal.