Enable privacy protection in Android Compose apps

When capturing user behavior data, you must take measures to exclude personally identifiable information (PII) such as credit card numbers or home addresses. In the Connect library, you can create a rule for certain text fields or exclude a whole screen from capturing.

The current version of the library supports Text, TextField and OutlinedTextField.

Instructions

Step A: tag text fields with PII

  1. Open the UI file that has the text field you want to exclude from capturing.
  2. Add an import statement for the text field depending on its type. See the cheat sheet below for quick reference.
  3. Rename the text field (Text -> LoggedText, TextField -> LoggedTextField, OutlinedTextField -> LoggedOutlinedTextField).
  4. Add the contentDescription parameter to the text field you have renamed.
import com.acoustic.connect.android.connectmod.composeui.customcomposable.LoggedText

LoggedText(
    text = "This is some text",
    contentDescription = "pii"  // Required for masking
)
import com.acoustic.connect.android.connectmod.composeui.customcomposable.LoggedTextField

LoggedTextField(
    value = text,
    contentDescription = "pii"  // Required for masking
)
import com.acoustic.connect.android.connectmod.composeui.customcomposable.LoggedOutlinedTextField

LoggedOutlinedTextField(
    value = "Outlined Text",
    contentDescription = "pii" // Required for masking
)
  1. If needed, repeat the steps for more text fields. You can reuse the same label for all of them.

Here is an example from Google's open-source Reply app. We have added the pii tag to the screen status message. This tag will only be used by the Connect library.

Step B: create privacy rules

  1. Create the ConnectLayoutConfig.json file based on a template.
  2. Add it to the assets directory in your project.
  3. In the masking object, set HasMasking to true.
  4. In the MaskAccessibilityLabelList property, enter the contentDescription tags you have assigned to the text fields.
  5. (optional) To disable the recording of a whole screen containing PII, add the AutoLayout.ScreenName object where ScreenName is the name of the screen. Set the ScreenChange property for that screen to false.
{
  "AutoLayout": {
    "GlobalScreenSettings": {
      "ScreenChange": true,
      "Masking": {
        "HasMasking": true,
        "HasCustomMask": false,
        "MaskAccessibilityLabelList": [
          "pii",
          "password"
        ]
      }
    },
    "com.example.reply.ui.navigation.Route.Articles": {
      "ScreenChange": false
    }
  }
}
  1. (recommended) Run the file through a JSON validator.

Step C: test the settings (Connect Ultimate)

If your company has an Ultimate subscription for Connect, you can check how your new rule is working.

  1. Run the app and view the text field you have masked - for example, the screen status in Google's Reply app. If the field is interactive, enter some text into it.
  1. In your Connect account, navigate to Insights > Sessions > Session search.
  2. Play back the session and make sure the text field hasn't been captured.
Masked text field

The protected text field in session replay

  1. If you excluded a screen from capturing, make sure its name isn't present in the session.

How it works

The masking object in ConnectLayoutConfig.json contains all properties related to PII protection.

PropertyValuesDescription
HasMaskingBoolean. Default value - false.Set the value to true to allow masking.
HasCustomMaskBoolean. Valid value - false.Protected text is replaced with a grey background.

In the current version, the default mask isn't customizable.
MaskAccessibilityLabelListArray of stringThe contentDescription labels of the elements that require privacy protection