minvws / nl-covid19-coronacheck-app-android

European Union Public License 1.2

Prevent screenshot or screen capture on the QR code page #42

Closed JortWillemsen closed 3 years ago

JortWillemsen commented 3 years ago

Describe the bug, issue or concern

At the moment it is possible to take a screenshot of the QR code (vaccination, recovery or test certificate). I think this is not desired for it allows very easy fraud. Users could just screenshot the QR code and send it to friends.

I know this could already be done by looking at the moving animations on screen but reality shows that bouncers or guards at clubs don't really look at that and only look at or scan the code.

To Reproduce

Steps to reproduce the behavior:

  1. Go to my overview.
  2. Click on view QR code.
  3. Take screenshot or start capture.
  4. See error.

Expected behavior

There could be multiple options with varying implementations.

Additional context

Android documentation suggests using the following to disable capture inside an Android window: https://developer.android.com/reference/android/view/WindowManager.LayoutParams#FLAG_SECURE

Governance

BartNijland91 commented 3 years ago

Did you check out the tst or acc flavor? The prod flavor that is in the Play Store has this feature:

https://github.com/minvws/nl-covid19-coronacheck-app-android/blob/31c3c54db27326823dc6a0fdf07e5ddebb912a29/holder/src/main/java/nl/rijksoverheid/ctr/holder/HolderMainActivity.kt#L52

spoilerdo commented 3 years ago

Why not generate a new QR code every x seconds or minutes, just like the ING app or WhatsApp Web does? So even when people are making screenshots, it will not be usable.

SanderVeer commented 3 years ago

Hi @spoilerdo, what you're suggesting is actually already in place, and has been for as long as the app is available to the public. Currently the QR has a validity of about 3 minutes, with the app refreshing it every 90 seconds. The scanner will disallow any QR that was created more than 3 minutes ago.

spoilerdo commented 3 years ago

Then why is there a problem that people can make screenshots if 1 QR code is only valid for 3 minutes? Also maybe make it shorter like 30 sec. Because that is all it really needs for someone to scan it.

BartNijland91 commented 3 years ago

@spoilerdo What problem do you mean? We also prevent taking screenshots to make it clear to the user that this is not desired behavior.

lc-nyovchev commented 3 years ago

@JortWillemsen on my Samsung galaxy 9 with latest build 2.1.9 (1649) I get the message (when pressing the power button + volume down combination to take a screenshot):

Can't take screenshot due to security permissions

You still experiencing the same behavior where taking screenshots is possible?

ijansch commented 3 years ago

I'll close this ticket for now:

  1. The most important counter measure is the digitally signed data inside the QR. If ID verification is performed, it's the best mitigation against screenshots / stolen QRs etc.
  2. Limited validity has always been in place, but we are evaluating making it shorter (this is a trade-off with accepted clock deviation)
  3. The secure flag is set so that most android versions won't let you make a screenshot
  4. The animations have been improved to be more continuous.
  5. For clock deviations, the next version will display a warning that the clock is off.
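
Added example, not part of the thread and not the CoronaCheck project's code: a scanner-side freshness check built on the 3-minute validity and 90-second refresh quoted above, showing why a shorter validity trades off against clock deviation. `checkFreshness`, `Freshness` and the 30-second future tolerance are assumptions made for illustration.

```kotlin
import java.time.Duration
import java.time.Instant

// From the thread: the scanner rejects a QR created more than 3 minutes ago,
// and the holder app refreshes the QR every 90 seconds.
val MAX_QR_AGE: Duration = Duration.ofMinutes(3)
val REFRESH_INTERVAL: Duration = Duration.ofSeconds(90)

// Assumption: how far ahead of the scanner the holder's clock may run.
// The thread mentions accepted clock deviation but gives no value.
val FUTURE_TOLERANCE: Duration = Duration.ofSeconds(30)

enum class Freshness { ACCEPTED, EXPIRED, CREATED_IN_FUTURE }

// Hypothetical helper. issuedAt is the creation time read from the QR payload
// after its signature has been verified; scannerNow is the scanner's clock.
fun checkFreshness(issuedAt: Instant, scannerNow: Instant): Freshness {
    val age = Duration.between(issuedAt, scannerNow)
    return when {
        age < FUTURE_TOLERANCE.negated() -> Freshness.CREATED_IN_FUTURE
        age > MAX_QR_AGE -> Freshness.EXPIRED
        else -> Freshness.ACCEPTED
    }
}

fun main() {
    val now = Instant.parse("2021-07-01T20:00:00Z") // constructed scanner time

    // Live QR shown just before its next refresh, clocks in sync (age 90 s).
    println(checkFreshness(now.minus(REFRESH_INTERVAL), now))

    // Screenshot forwarded and presented 5 minutes after creation.
    println(checkFreshness(now.minus(Duration.ofMinutes(5)), now))

    // Genuine holder whose phone clock runs 2 minutes slow: the QR is stamped
    // 2 minutes early, so its apparent age is 90 s + 120 s = 210 s.
    val slowClock = Duration.ofMinutes(2)
    println(checkFreshness(now.minus(REFRESH_INTERVAL).minus(slowClock), now))

    // Holder clock 1 minute fast, QR just refreshed: stamped in the scanner's future.
    println(checkFreshness(now.plus(Duration.ofMinutes(1)), now))
}
```

The third case is the trade-off named in point 2: the tighter `MAX_QR_AGE` is set against forwarded screenshots, the less holder clock deviation a genuine, live QR can absorb before it is rejected.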