Android keylogging threat

Abstract

The openness of Android platform has attracted users, developers and attackers. Android offers bunch of capabilities and flexibilities, for instance, developers can write their own keyboard service-similar to Android soft keyboards-using the KeyboardView class. This class is available since api level 3.0 and can be part of the layout of an activity. Users prefer to download and install third-party keyboards that offer better experience and capabilities. However, there are security risks related to users installing and using these custom keyboards. Attackers can build or take advantage of existing third-party keyboards to create keyloggers to spy on smartphones users. Third-party keyboard once activated would substitute the Android standard keyboard, so all keys events pass this app. As results, many attacks can be launched identified by the permissions granted to these apps. The objective of this paper is to present these attacks, analyze their causes, and provide possible solutions.