Enable privacy protection in Android Compose apps
When capturing user behavior data, you must take measures to exclude personally identifiable information (PII) such as credit card numbers or home addresses. In the Connect library, you can create a rule for certain text fields or exclude a whole screen from capturing.
The current version of the library supports Text
, TextField
and OutlinedTextField
.
Instructions
Step A: tag text fields with PII
- Open the UI file that has the text field you want to exclude from capturing.
- Add an import statement for the text field depending on its type. See the cheat sheet below for quick reference.
- Rename the text field (
Text
->LoggedText
,TextField
->LoggedTextField
,OutlinedTextField
->LoggedOutlinedTextField
). - Add the
contentDescription
parameter to the text field you have renamed.
import com.acoustic.connect.android.connectmod.composeui.customcomposable.LoggedText
LoggedText(
text = "This is some text",
contentDescription = "pii" // Required for masking
)
import com.acoustic.connect.android.connectmod.composeui.customcomposable.LoggedTextField
LoggedTextField(
value = text,
contentDescription = "pii" // Required for masking
)
import com.acoustic.connect.android.connectmod.composeui.customcomposable.LoggedOutlinedTextField
LoggedOutlinedTextField(
value = "Outlined Text",
contentDescription = "pii" // Required for masking
)
- If needed, repeat the steps for more text fields. You can reuse the same label for all of them.
Here is an example from Google's open-source Reply app. We have added the pii
tag to the screen status message. This tag will only be used by the Connect library.

Step B: create privacy rules
- Create the ConnectLayoutConfig.json file based on a template.
- Add it to the
assets
directory in your project. - In the
masking
object, setHasMasking
totrue
. - In the
MaskAccessibilityLabelList
property, enter thecontentDescription
tags you have assigned to the text fields. - (optional) To disable the recording of a whole screen containing PII, add the
AutoLayout.ScreenName
object whereScreenName
is the name of the screen. Set theScreenChange
property for that screen tofalse
.
{
"AutoLayout": {
"GlobalScreenSettings": {
"ScreenChange": true,
"Masking": {
"HasMasking": true,
"HasCustomMask": false,
"MaskAccessibilityLabelList": [
"pii",
"password"
]
}
},
"com.example.reply.ui.navigation.Route.Articles": {
"ScreenChange": false
}
}
}
- (recommended) Run the file through a JSON validator.
Step C: test the settings (Connect Ultimate)
If your company has an Ultimate subscription for Connect, you can check how your new rule is working.
- Run the app and view the text field you have masked - for example, the screen status in Google's Reply app. If the field is interactive, enter some text into it.

- In your Connect account, navigate to Insights > Sessions > Session search.
- Play back the session and make sure the text field hasn't been captured.

The protected text field in session replay
- If you excluded a screen from capturing, make sure its name isn't present in the session.
How it works
The masking
object in ConnectLayoutConfig.json contains all properties related to PII protection.
Property | Values | Description |
---|---|---|
HasMasking | Boolean. Default value - false . | Set the value to true to allow masking. |
HasCustomMask | Boolean. Valid value - false . | Protected text is replaced with a grey background. In the current version, the default mask isn't customizable. |
MaskAccessibilityLabelList | Array of string | The contentDescription labels of the elements that require privacy protection |
Updated 1 day ago