Securing third party keyboard traffic

PaulRR
Level 1.5: Cupcake

We are facing a situation where users are complaining about the default Samsung Keyboard that comes with Galaxy devices as the corporate device. We are looking into providing other options such as Gboard and Swiftkey but the problem is we are unable to fully secure traffic going to these third party services.  For Gboard there are some options onthe MDM as amanaged app while Swiftkey does not have many options. Main reason we stick  with Samsung is the Knox service plugin which helps secure the device more including keyboard however it only applies to samsung keyboard. With each other keyboard we introduce we have to rely on the key value pairs that come with the app to select options we can lock down as needed. Not all the app developers are enterprise focused so its hard to get any feature requests thoguh. Only other thing I can think of is blocking traffic at a network level to ensure nothing goes through but then we would need to know the addresses that are used. Has anyone faced this situation? 

2 REPLIES 2

Moombas
Level 4.1: Jelly Bean

No and there will be only 2 ways (as I see) to acchieve this:

1. Ask the app developers
2. Track the device network activity (from a test device only!) when using the keyboard vs. not using anything else and compare those.

oplante_fleksy
Level 1.5: Cupcake

Hi @PaulRR one way to circumvent this is to ask Fleksy to provide a custom text input method for your devices. They have either a white-label solution (SDK) that you can customize yourself OR they can provide an APK. Their virtual keyboard can be preloaded as default and is fully local. Learn more on their B2B website here: www.fleksy.com/solutions/