Features in Technical Preview
Features in Technical Preview are available to use in non-production or limited production environments, and to give customers an opportunity to share feedback. Citrix® does not accept support cases for features in technical preview but welcomes feedback for improving them. Citrix might act on feedback based on its severity, criticality, and importance.
Anti-Keylogging support on Citrix Workspace app for Android
Starting from the 25.5.0 version, Citrix Workspace app for Android supports the App Protection Anti-Keylogging feature. Anti-Keylogging is a security feature that prevents malicious software (malware) from capturing user input made into the Citrix Workspace app. This feature prevents exfiltration of confidential information such as user credentials and other sensitive information.
The admins can choose to enable anti-keylogging for the following:
- Virtual Apps and Desktops
- Web and SaaS apps opened through WebView
- Authentication screens
For more information about configuring the App Protection feature, see Configure App Protection.
Use cases
After anti-keylogging is enabled, the following restrictions apply:
-
A user can’t use a non-OEM keyboard on anti-keylogging enabled resources. For example, a user has to use the Samsung Keyboard on a Samsung device. If a user is using a non-OEM software keyboard, then during launch of the resource, the keyboard gets blocked. The user can then continue with the launch and use a physical keyboard or must go to the settings and change the keyboard to the OEM keyboard.
-
Accessibility service has to be disabled. In case accessibility service enabled, resource launch is blocked with the following error:
-
Developer mode has to be disabled. In case developer mode is enabled, launch is blocked with the following error:
Recommendations
Turn on Root detection. A rooted device significantly reduces the security posture of the end user. We recommend you to turn on the Root Detection feature. Click here for instructions.
Feature limitations
We do not support anti-keylogging on Custom Chrome Tab and Custom Portal. If you install the Citrix Workspace™ app on a managed device, the administrative app primarily governs its security. In this setup, the admin app retains comprehensive control over the device and might capture keystrokes even when Anti-Keylogging is enabled.
Disclaimer
App Protection policies work by filtering access to required functions of the underlying operating system (specific API calls required to capture screens or keyboard presses). Doing so means that App Protection policies can provide protection even against custom and purpose-built hacker tools. However, as operating systems evolve, new ways of capturing screens and logging keys might emerge. While we continue to identify and address them, we can’t guarantee full protection in specific configurations and deployments.