Feature: Secure Notifications
Overview
The Secure Notifications feature is a Custom notification tray to be used as a replacement for the default Android System notification tray. This feature will allow device administrators to lock-down the notifications display and give them the ability to control which notifications are presented to the user.
Secure Notifications supports:
- Whitelist of applications from which to show notifications
- Blacklist of applications to not display notifications
- Display notifications ordered by notification priority and latest time
- A heads-up popup for high priority notifications
- Dismissable and ongoing notifications
- Pending intents, e.g. tapping on notifications to perform their action (such as launching into apps)
Technical Notes
Android SDK Version
This feature only works on Android devices running on Android 6.0 Marshmallow (sdk 23) and above. This feature will not work on Android 5.1 Lollipop devices because the Screen Overlay Permission is only available for 6.0+ devices.
Disabling Status Bar
The Android system status bar needs to be disabled on the device in order for a user to not be able to access the default Android system notifications. This can be done through an Enterprise Mobility Management (EMM) service.
VMware AirWatch
This setup only applies to Work Managed Device Managed Mode and does not work with Work Profile Managed Mode.
Step 1: Navigate to your AirWatch Dashboard's Profiles & Resources tab.
Step 2: Under Profiles, create or select a profile you want to disable the system status bar on.
Step 3: Under Restrictions uncheck Allow Status Bar.
Step 4: Save and Publish. Devices on that profile will now not be able to pull down the system status bar.
Configuration
{
...
"secureNotifications" : {
"enabled": true,
"enableHeadsUp": true,
"headsUpTime": 2000,
"whitelist": ["com.example.phone", "com.example.music"],
"blacklist": ["com.example.browser"],
"bubbleColor" : "#FFFFFF",
"bubbleOffset" : 50
}
}
| Key | Description |
|---|---|
| enabled | boolean Enable/disable the secure notifications feature. Default is false (disabled). |
| enableHeadsUp | boolean Enable/disable the heads-up popup feature. Default is false (disabled). |
| headsUpTime | integer Time in milliseconds to display a high priority heads-up popup on the screen. Default is 3000 (3 seconds). |
| blacklist | array An array of packages to blacklist. Notifications from packages in this list will be suppressed. Default is no blacklisted notifications. |
| whitelist | array An array of packages to whitelist. If used, only packages that appear in this list will be allowed to display notifications. If the list is empty then no notifications will be shown. If this field is ommitted then all notifications will be presented unless they are specified in the blacklist. |
| bubbleColor | string Hex code for color of the notification bubble. Default is #FFFFFF (white). A reboot is required for a change to this value to apply to a device. |
| bubbleOffset | integer Horizontal position of bubble, in percentage points of screen width. Valid values are 0-100, with 0 being far left and 100 being far right. Default is 50. A reboot is required for a change to this value to apply to a device. |
Notes
- If the
"secureNotifications"configuration is not present, then the secure notifications feature is disabled. - If a package is both in the whitelist and blacklist configuration, the blacklist has higher priority, so the notification's from the package will not be shown.
- The configuration
"secureNotifications"section is under the root JSON.
Permissions
For secure notifications, Launcher will request these required Android Permissions:
- Screen Overlay Permission. This permission grants access to Launcher to draw the notification tray on top of other applications. This permission is granted by using the
"android.settings.action.MANAGE_OVERLAY_PERMISSION"settings menu. - Notification Listener Permission. This permission grants access to Launcher to allow notifications details to display in the secure notifications tray. This permission is granted by using the
"android.settings.ACTION_NOTIFICATION_LISTENER_SETTINGS"settings menu.
Granting Required Permissions Flow
Step 1. When the Launcher is first launched after "secureNotifications" is enabled in the config, a dialog will appear to request the Screen Overlay Permission (if not already granted) as shown below.
Step 2. After OK is clicked, the settings screen for Display Over Other Apps will be shown. The toggle next to Allow display over other apps should be clicked.
Step 3. After the toggle has been enabled for the Screen Overlay Permission, press the back button on the button of the screen. Once back to the Launcher, the another dialog will appear to request the Notification Listener Permission.
NOTE: If the Screen Overlay Permission wasn't granted, then Steps 1 & 2 will repeat until the Screen Overlay Permission is granted or "secureNotifications" is disabled in the config.
Step 4. After OK is clicked, the settings screen for Notification Access will be shown. The toggle next to EMS Launcher should be clicked.
Step 5. Another dialog will appear asking to allow notification accesses for EMS Launcher. Press allow.
Step 6. After the toggle has been enabled for Launcher, press the back button on the button of the screen.
NOTE: If the Notification Listener Permission wasn't granted then Steps 4 & 7 will repeat until the Notification Listener Permission is granted or "secureNotifications" is disabled in the config.
The Launcher has now been granted all the required permissions for the Secure Notifications features.
Feature Introduced
Feature Introduced in Launcher 3.1.x.