Exploring Android Protected Confirmation

Android Protected Confirmation is a security feature that was introduced back in Android 9 (API level 28). This feature enables you to use Trusted UI to confirm a certain user action (usually a transaction).

What is Trusted UI?

Trusted UI is hardware-protected user interface that facilitates high assurance to critical transactions. There are three components within Trusted UI that you need to notice:

  1. Prompt message: This is the message that your app wants user to confirm. In the example below, the prompt message is You are going to transfer 4200 EUR to IBAN DE16533700240123456701
  2. Confirm button: This is the button that user needs to click to confirm the transaction. In the example, the confirm button is Double-press power to confirm.
  3. Cancel button: This is the button that user needs to click to cancel the transaction. In the example, the cancel button is Cancel.
This is how Trusted UI looks like (Source: source.android.com).

The Android Protected Confirmation documentation specifies the steps needed to utilize this feature, starting from generating asymmetric signing key up to displaying the confirmation dialog.

In this article, we are going to create a simple application that loosely follow those steps. We are only going to implement the client-side code and ignoring the server-side (relying/remote party) code. Here’s what it will look like at the end:

This is how Android Protected Confirmation looks like in action. I recorded this using another phone because Trusted UI doesn’t allow screenshots/screen recordings.

Where’s the Source Code?

Step by Step Explanation

Follow the steps provided below to create this application.

1. Open Android Studio. Create new project with “Empty Activity” option.

2. First, we need to add jackson-dataformat-cbor dependency to our app/build.gradle file. This is needed to parse CBOR data structure that will be returned by Android Protected Confirmation.

3. Next, we are going to update our layout, activity_main.xml file. The image below shows how the layout will look like. Starting from the top, there are 3 TextViews that display attestation challenge, attestation certificate issuer, and extra data. These first and last of these three things are the input of our Android Protected Confirmation. In a real app, attestation challenge and extra data can be provided by the relying party (remote server). In this article, however, these values will be hard-coded.

Below the TextViews, there is a button that will trigger the Android Protected Confirmation prompt. It will simulate a transaction of user sending their money to their mother.

Below the button, there are two TextViews that display data that was confirmed and signature. “Data that was confirmed” is the success output of Android Protected Confirmation. It is formatted using CBOR data structure. This data then will be signed with a PrivateKey, resulting in the displayed signature.

This is what activity_main.xml should look like.

To make the layout above, copy-paste the code snippet below:

4. Lastly, we are going to update our MainActivity.kt file. Go ahead and copy-paste the code snippet below. But here’s the most important things to note:

First, while we are creating a PrivateKey for signing, don’t forget to call setUserConfirmationRequired() and setAttestationChallenge() methods. The first method is used so that the PrivateKey can only be used to sign the data produced by Android Protected Confirmation. The second method is used so that we have attestation certificate that can be sent to the relying party to confirm the trustworthiness of the attestation.

Second, notice the content of MyConfirmationCallback class. If user confirms the transaction, onConfirm(dataThatWasConfirmed) will be called. Note that dataThatWasConfirmed is a CBOR structure data that will be signed by the PrivateKey.

Lastly, note the usage of ConfirmationPrompt.Builder to display the Android Protected Confirmation dialog itself.

5. That’s it! Now run your app and you should be able to see something like this:

This is how Android Protected Confirmation looks like in action. I recorded this using another phone because Trusted UI doesn’t allow screenshots/screen recordings.

As always, thanks for reading!




Android Engineer @ Bobobox.co.id

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Android App Development: How to get started properly.

Working with ViewPager2

How to zoom in or zoom out MatLab editor in MatLab via editor or script ?

Modularization of Android Applications with explicit initialization

Change my mind or Android development transformation to Jetpack Compose & Coroutines

How to Use Room | Android (JetPack) | PiLove notes

Android: Kotlin x Rust

How rational assumptions can lead to a crash

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Farhan Majid 🐾

Farhan Majid 🐾

Android Engineer @ Bobobox.co.id

More from Medium

Exploring Android RoleManager

How to Observe Application,Activity and Fragment States in Android

Android guide: Service

Run App using Wi-Fi (Android Studio Update)