It’s because the OSK is just another program as far as Android is concerned. It can’t directly look into the application, per Android specifications, but it CAN record key presses, even for passwords. It even receives context hints based on the metadata on the input box, so it knows when you’re putting in a password. Then it can send your data off to unknown servers.
It’s not just root. They would prefer you not to have a custom keyboard either.
That’s actually got a solid reason behind it.
It’s because the OSK is just another program as far as Android is concerned. It can’t directly look into the application, per Android specifications, but it CAN record key presses, even for passwords. It even receives context hints based on the metadata on the input box, so it knows when you’re putting in a password. Then it can send your data off to unknown servers.
thats a bit ironic seeing how the default keyboard on most phones are a privacy nightmare.
That it is, but at least it’s not sending your card details to me.
Yeah but why it’s sending details at all. There are FOSS options which are completely radio silent. Some password managers come with their own board.