The remote injection feature allows MDM providers to inject mouse and keyboard events from an MDM console to a device. This feature enables enterprise IT admins to set up or troubleshoot a device remotely, by injecting key, or touch events on an enterprise device.
Currently, Remote Injection can be used in any type of enterprise deployment to inject mouse and keyboard events to device users. This feature has the potential to be used in a malicious way to control devices without the user knowing.
In order to safeguard against potential misuse of Remote Injection on device users, Samsung will restrict the support of Remote Injection to only devices that have been configured with an Android Enterprise enrollment.
The purpose of this knowledge article is to provide information on the changes to the Knox SDK and underlying Knox Platform for Enterprise framework impacting remote injection.
Starting from the Android 14 update, apps that use Remote Injection will only work if the app is running in any one of the following Android Enterprise configuration profiles: fully managed, dedicated, corporate-owned or personally-owned work profile.
- This implies only for Samsung Knox devices.
- Since the current SureMDM remote control implementation relies on key event injection, screen capture will be hindered because we won’t be able to grant screen capture pop up automatically.
- From Android 14 onward, click events will not be supported if the customer has disabled Accessibility permission.
- Accessibility permissions are mandatory as the touch-events won’t work with Knox API.