Screenshot Detection
Protection Module: ScreenshotDetection
Available For
This protection module is available for iOS 12 and later with UIKit. It provides event-based detection of user screenshots captured via system UI.
| Platform | Support | Note |
|---|---|---|
| iOS | ✓ | iOS 12+ required |
| Framework | ✓ | UIKit required |
| Architecture | ✓ | All architectures |
How It Works
Screenshot Detection monitors system notifications for screenshot capture events. Unlike polling-based approaches, this module uses native iOS notifications for immediate and accurate detection with minimal performance impact.
Detection Techniques
The module employs the following detection strategies:
- Notification Monitoring: Observes
UIApplicationUserDidTakeScreenshotNotificationfor real-time screenshot detection - Frequency Analysis: Tracks screenshot count and patterns over time
- Behavioral Analysis: Detects suspicious screenshot patterns (rapid captures, during sensitive operations)
- State Correlation: Associates screenshots with sensitive application states
- Event Validation: Confirms legitimate screenshot events vs. simulated captures
Confidence Metrics:
- System notification: 1.0 (highly reliable)
- Behavioral analysis: 0.85-0.95
Detection Type: Event-driven (not polling-based)
JSON Configuration
JSON
{
"protections": [
{
"type": "ScreenshotDetection",
"action": "log",
"intervalMs": 0
}
]
}{
"protections": [
{
"type": "ScreenshotDetection",
"action": "log",
"intervalMs": 0
}
]
}Note: intervalMs is not applicable for event-based detection but should be set to 0 or omitted.
Code-Based Configuration
Swift
Swift
import ByteHideMonitor
BHMMonitor.configure { config in
config.enableProtection(.screenshotDetection, action: .log)
}import ByteHideMonitor
BHMMonitor.configure { config in
config.enableProtection(.screenshotDetection, action: .log)
}Objective-C
OBJC
#import <ByteHideMonitor/ByteHideMonitor.h>
[BHMMonitor configure:^(BHMMonitorConfiguration *config) {
[config enableProtection:BHMProtectionModuleTypeScreenshotDetection
action:BHMActionTypeLog];
}];#import <ByteHideMonitor/ByteHideMonitor.h>
[BHMMonitor configure:^(BHMMonitorConfiguration *config) {
[config enableProtection:BHMProtectionModuleTypeScreenshotDetection
action:BHMActionTypeLog];
}];Available Actions
| Action | Behavior | Recommended For |
|---|---|---|
| Close | Terminate application immediately | Production apps with critical IP |
| Log | Record incident and continue | Development, analytics |
| Erase | Securely delete data then terminate | Financial, healthcare apps |
| Custom | Execute custom handler | Enterprise integrations |
| None | Detect only, no action | Testing configurations |
See Actions for detailed action documentation.
When to Use
Enable Screenshot Detection if:
- Your app handles sensitive financial or personal information
- You need to comply with industry regulations (HIPAA, PCI-DSS, GDPR)
- You want to prevent unauthorized data capture
- You're building secure messaging, banking, or healthcare applications
- You need to audit user behavior with sensitive data
- You want to implement watermarking or redaction on detected screenshots
Consider using custom actions to trigger real-time redaction or notification mechanisms.
Code Examples
Swift - Basic Configuration
Swift
import ByteHideMonitor
class AppDelegate: UIResponder, UIApplicationDelegate {
func application(
_ application: UIApplication,
didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]?
) -> Bool {
BHMMonitor.configure { config in
config.enableProtection(.screenshotDetection, action: .log)
}
return true
}
}import ByteHideMonitor
class AppDelegate: UIResponder, UIApplicationDelegate {
func application(
_ application: UIApplication,
didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]?
) -> Bool {
BHMMonitor.configure { config in
config.enableProtection(.screenshotDetection, action: .log)
}
return true
}
}Swift - Custom Action with Redaction
Swift
BHMMonitor.configure { config in
config.registerCustomAction("screenshot-handler") { context in
let threatType = context.threatType
let description = context.threatDescription
let metadata = context.metadata
// Log the screenshot detection
print("Screenshot Detected: \(description)")
// Trigger content redaction
self.redactSensitiveContent()
// Notify user
DispatchQueue.main.async {
let alert = UIAlertController(
title: "Screenshot Detected",
message: "This app prohibits screenshots of sensitive data.",
preferredStyle: .alert
)
alert.addAction(UIAlertAction(title: "OK", style: .default))
self.window?.rootViewController?.present(alert, animated: true)
}
// Send to analytics
Analytics.logScreenshotEvent(timestamp: Date())
}
config.enableProtection(.screenshotDetection, customAction: "screenshot-handler")
}
private func redactSensitiveContent() {
// Implement content redaction logic
// For example, blur or hide sensitive views
}BHMMonitor.configure { config in
config.registerCustomAction("screenshot-handler") { context in
let threatType = context.threatType
let description = context.threatDescription
let metadata = context.metadata
// Log the screenshot detection
print("Screenshot Detected: \(description)")
// Trigger content redaction
self.redactSensitiveContent()
// Notify user
DispatchQueue.main.async {
let alert = UIAlertController(
title: "Screenshot Detected",
message: "This app prohibits screenshots of sensitive data.",
preferredStyle: .alert
)
alert.addAction(UIAlertAction(title: "OK", style: .default))
self.window?.rootViewController?.present(alert, animated: true)
}
// Send to analytics
Analytics.logScreenshotEvent(timestamp: Date())
}
config.enableProtection(.screenshotDetection, customAction: "screenshot-handler")
}
private func redactSensitiveContent() {
// Implement content redaction logic
// For example, blur or hide sensitive views
}Objective-C
OBJC
#import <ByteHideMonitor/ByteHideMonitor.h>
[BHMMonitor configure:^(BHMMonitorConfiguration *config) {
[config registerCustomAction:@"screenshot-handler" handler:^(BHMThreatContext *context) {
NSString *threatType = context.threatType;
NSString *description = context.threatDescription;
NSLog(@"Screenshot Detected: %@", description);
[self redactSensitiveContent];
dispatch_async(dispatch_get_main_queue(), ^{
UIAlertController *alert = [UIAlertController
alertControllerWithTitle:@"Screenshot Detected"
message:@"This app prohibits screenshots of sensitive data."
preferredStyle:UIAlertControllerStyleAlert];
UIAlertAction *okAction = [UIAlertAction actionWithTitle:@"OK"
style:UIAlertActionStyleDefault
handler:nil];
[alert addAction:okAction];
[self.window.rootViewController presentViewController:alert animated:YES completion:nil];
});
}];
[config enableProtection:BHMProtectionModuleTypeScreenshotDetection
customAction:@"screenshot-handler"];
}];
- (void)redactSensitiveContent {
// Implement content redaction logic
}#import <ByteHideMonitor/ByteHideMonitor.h>
[BHMMonitor configure:^(BHMMonitorConfiguration *config) {
[config registerCustomAction:@"screenshot-handler" handler:^(BHMThreatContext *context) {
NSString *threatType = context.threatType;
NSString *description = context.threatDescription;
NSLog(@"Screenshot Detected: %@", description);
[self redactSensitiveContent];
dispatch_async(dispatch_get_main_queue(), ^{
UIAlertController *alert = [UIAlertController
alertControllerWithTitle:@"Screenshot Detected"
message:@"This app prohibits screenshots of sensitive data."
preferredStyle:UIAlertControllerStyleAlert];
UIAlertAction *okAction = [UIAlertAction actionWithTitle:@"OK"
style:UIAlertActionStyleDefault
handler:nil];
[alert addAction:okAction];
[self.window.rootViewController presentViewController:alert animated:YES completion:nil];
});
}];
[config enableProtection:BHMProtectionModuleTypeScreenshotDetection
customAction:@"screenshot-handler"];
}];
- (void)redactSensitiveContent {
// Implement content redaction logic
}Platform Compatibility
| Component | iOS 12 | iOS 13+ | iOS 16+ | Notes |
|---|---|---|---|---|
| Notification Monitoring | ✓ | ✓ | ✓ | Full support across all versions |
| Event Detection | ✓ | ✓ | ✓ | Real-time screenshot detection |
| Behavioral Analysis | ✓ | ✓ | ✓ | Pattern recognition available |
Performance Impact
Screenshot Detection has minimal performance overhead:
- CPU Usage: <0.1% (event-driven, not polling)
- Memory Overhead: ~1-2 MB for event observer
- Detection Latency: <10ms from screenshot to event delivery
- Background Impact: Negligible - only responds to screenshot events
This module has the lowest performance impact of all protection modules due to its event-driven architecture.
Threat Detection Details
When a screenshot is detected, the threat context includes:
JSON
{
"moduleType": "ScreenshotDetection",
"threatType": "ScreenshotCaptured",
"threatDescription": "User captured screenshot of application",
"detectionResult": {
"eventType": "ScreenshotNotification",
"timestamp": "2024-03-15T10:30:45Z",
"confidence": 1.0
},
"metadata": {
"confidence": 1.0,
"eventSource": "UIApplicationUserDidTakeScreenshotNotification",
"timestamp": "2024-03-15T10:30:45Z",
"captureCount": 3
}
}{
"moduleType": "ScreenshotDetection",
"threatType": "ScreenshotCaptured",
"threatDescription": "User captured screenshot of application",
"detectionResult": {
"eventType": "ScreenshotNotification",
"timestamp": "2024-03-15T10:30:45Z",
"confidence": 1.0
},
"metadata": {
"confidence": 1.0,
"eventSource": "UIApplicationUserDidTakeScreenshotNotification",
"timestamp": "2024-03-15T10:30:45Z",
"captureCount": 3
}
}