Android 13 devices must be configured to disable the use of third-party keyboards.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-254759 | GOOG-13-010900 | SV-254759r862476_rule | Low |
| Description |
|---|
| Many third-party keyboard applications are known to contain malware. SFR ID: FMT_SMF_EXT.1.1 #47 |
| STIG | Date |
|---|---|
| Google Android 13 COBO Security Technical Implementation Guide | 2022-10-13 |
Details
| Check Text ( C-58370r862474_chk ) |
|---|
| Review the managed Google Android 13 configuration settings to confirm that no third-party keyboards are enabled. This procedure is performed on the EMM console. On the EMM console: COBO and COPE: 1. Open "Input methods". 2. Tap "Set input methods". 3. Verify only the approved keyboards are selected. If third-party keyboards are allowed, this is a finding. |
| Fix Text (F-58316r862475_fix) |
|---|
| Configure the Google Android 13 device to disallow the use of third-party keyboards. On the EMM console: COBO and COPE: 1. Open "Input methods". 2. Tap "Set input methods". 3. Select only the approved keyboard. Additionally, Admins can configure application allowlists for Google Play that do not have any third-party keyboards for user installation. |