MediaProjection is the Android API that lets an app capture or record the screen, the engine behind screen recorders, casting, and remote-support tools. It is powerful precisely because it can see the whole screen, including other apps, which is why it is gated behind explicit user consent and, on recent Android versions, tightened further. There are two sides to it for a developer: using it responsibly if your app captures the screen, and protecting your own sensitive screens from being captured by a screen recorder or a malicious app. Here is what MediaProjection is, how its consent model works, and how to handle screen capture safely.
Short answer
MediaProjection is the Android API for capturing or recording screen content, used by screen recorders, casting, and remote support. Per Android, it requires explicit user consent before capture, and apps targeting Android 14 or higher must declare a mediaProjection foreground service type and obtain consent before each capture session, with the consent dialog offering a single-app or entire-screen option. The risks are two-sided: if your app uses MediaProjection, you hold a capability that can see other apps, so handle the captured data carefully and request it only with consent; and to protect your own sensitive screens from being recorded by a screen recorder or a malicious capture, mark them with FLAG_SECURE, which excludes them from screenshots and screen capture. Treat screen capture as a high-trust capability on both sides.
What you should know
- MediaProjection captures the screen: the API behind recording and casting.
- It requires explicit user consent: shown before capture begins.
- Android 14+ tightens it: a
mediaProjectionforeground service type and per-session consent. - Consent can be single-app or full-screen: the user chooses the scope.
- Protect sensitive screens with
FLAG_SECURE: to exclude them from capture.
What is MediaProjection?
It is the system capability that lets an app receive the contents of the screen as a stream. With it, an app can record a video of the screen, cast it to another display, or process what is shown, which is what powers legitimate screen recorders, screen-sharing, and remote-assistance apps. Because that capability can capture whatever is on the display, including content from other apps, it is intentionally gated: the app asks for screen capture and the system shows the user a consent prompt, and only with that consent does capture begin. Recent Android versions have made the model stricter. On Android 14 and higher, an app using MediaProjection must declare the mediaProjection foreground service type, and the user must consent before each capture session rather than the app caching a previously granted token, and the consent dialog lets the user choose to share a single app or the entire screen. So MediaProjection is a deliberately consent-bound, increasingly scoped capability, reflecting how sensitive seeing the screen is.
What are the risks, and how does consent work?
Two-sided risk, governed by consent. The table summarizes.
| Aspect | Detail |
|---|---|
| Using MediaProjection | A capability that can capture other apps' content |
| User consent | Required before capture; per session on Android 14+ |
| Capture scope | Single app or entire screen, the user's choice |
| Foreground service type | mediaProjection declaration required on Android 14+ |
| Protecting your screens | FLAG_SECURE excludes content from capture |
There are two risk angles. The first is being the app that uses MediaProjection: you hold a capability that can capture sensitive content, including from other apps, so you must request it only with genuine user consent, capture no more than your feature needs, and handle the captured stream and any saved recording carefully so it does not leak. The second is protecting your app from capture: a user who has granted screen capture to a recorder, or a malicious app that obtains it, could capture your app's sensitive screens, and the defense is to mark those screens so they cannot be captured. The consent model is the system's primary control: capture cannot happen silently, the user is prompted, on recent versions for each session, and chooses whether to share a single app or the whole screen, which limits what a capturing app can see.
How do you handle screen capture safely?
Use the capability responsibly, and protect your sensitive screens. If your app uses MediaProjection, request capture only when the feature needs it and with clear user consent, declare the required mediaProjection foreground service type on Android 14 and higher, and obtain consent for each session rather than trying to reuse a token. Capture only the scope you need, and treat the captured frames and any recording as sensitive data: keep them only as long as required, store them securely if saved, and do not transmit them without the user understanding. On the other side, protect screens in your app that display sensitive content, login, payment, personal data, by marking them so the system excludes them from screenshots and screen capture, which means a screen recorder or a capturing app records a blank or protected frame instead of the sensitive content. Apply that protection to the specific sensitive screens rather than assuming users will not be recording. The principle is symmetry: when you capture, do so transparently and minimally with consent, and when you display sensitive content, mark it so it cannot be captured by anyone else.
What to watch out for
The first trap, if your app captures the screen, is requesting more than you need or mishandling the captured data, and on Android 14 or higher, failing to declare the mediaProjection foreground service type or trying to cache consent across sessions. The second is assuming your sensitive screens cannot be captured, when a screen recorder or a capturing app can record them unless you mark them protected. The third is treating the consent prompt as a formality rather than capturing only with genuine consent. Screen capture and screen protection are configured in your app, so a pre-submission scan such as PTKD.com (https://ptkd.com), which reads the compiled APK or AAB against OWASP MASVS, surfaces your permissions and components and assesses data handling, while the capture flow and screen protection are yours to implement.
What to take away
- MediaProjection is the Android API for capturing or recording the screen, gated behind explicit user consent, with Android 14+ requiring a
mediaProjectionforeground service type and per-session consent and offering single-app or full-screen scope. - If your app uses it, you hold a capability that can see other apps, so capture only with consent, take only what you need, and handle the captured data as sensitive.
- To protect your own sensitive screens from being recorded by a screen recorder or a capturing app, mark them so the system excludes them from screenshots and screen capture.
- Use a pre-submission scan such as PTKD.com to surface your permissions and data handling, and implement capture and screen protection deliberately.
