Screen capture protection

A very common question we are asked is “can we include protection against screen capture” for our PDFs on a cross-platform basis? The simple answer is “no”, whatever system or supplier you look at and whatever others may claim! A little background should help clarify this.

With the introduction of screens for interacting with computers in the 1980s it was necessary to provide dedicated hardware components to manage the display of text and graphics. As PCs and similar devices became more advanced, graphical demands became greater and specialized “graphics cards” (and later, “chipsets”) were included to provide this functionality. The cards and chipsets included both processing and memory handling functions, and software tools soon became available that would access the stored information directly. These were initially utility programs, and then rapidly this functionality was included in third party photo/image processing software and built-in tools (e.g. the Snipping tool in Windows 7 and Grab on Mac OSX 10). This allowed users to display information on screen and then “capture” all or part of the screen for subsequent editing. The user did not need to understand where this information came from, just that it was readily accessible. The operating system was essentially bypassed by the screen capture software, which could go straight to the hardware memory to read the information that was displayed visually on-screen.

To prevent such programs from being used to capture screens mechanisms had to be found that interfered with the way they worked. The principal mechanism was to identify that a process was running that was known to have screen capture functionality, and then to refuse to display some or all of the screen until the offending process (program) was terminated. This worked fine for some years, until new devices, operating systems and ways of working were introduced in the last few years.

With the introduction of mobile devices (tablets) manufacturers quickly realized that many customers wanted to capture screens for onward processing. Instead of leaving this to third party software providers they included combinations of buttons that could be pressed to screen grab and save to the local image “Gallery”, in the same way that photographs taken with built-in cameras were stored. This hardware-based screen capture facility meant that information display, such as a PDF on screen, could always be captured and no software mechanism could prevent it. In parallel, more advanced versions of desktop operating systems from Apple and Microsoft started to include screen capture software as standard, running in a background thread or process, that end users were completely unaware of. An example is Microsoft’s OneNote software, which even when closed still retains a background process for screen capture (see further, below, on how to around the OneNote restriction). These changes to the hardware and operating system environment have meant that mechanisms to prevent screen capture either no longer work in a cross-platform world or create more problems than they solve. However, limited scale protection is possible for specific operating systems, notably Windows variants, where systems such as Javelin now incorporate some quite clever procedures for preventing screen capture if this option is specified for secured PDFs.

A further development has been the introduction of much higher resolution screen displays. Until very recently all computer screens were less than 100dpi (dots or pixels per inch). This compares with typical print output which is at least 300dpi, and high quality print and image data which is 1200-2400dpi. High resolution screens require far more memory and processing, which is why they have only started appearing in the latest range of tablet and mobile phone devices (e.g. iPhone6 has a 400dpi screen). Such devices can be scanned or digitally photographed, so the display itself becomes like a paper copy of the source material, and nothing can prevent the use of such external mechanisms from capturing screens at a resolution that enables reading and/or conversion via OCR to structured text.

The only workable cross-platform solution to such issues is to add static and dynamic watermarking to secured PDFs. This information then forms part of the in-memory and on-screen data, and as such will always be included in any capture process, and can be difficult or impossible to remove. It is even possible to include invisible watermarks, using special characters or hidden graphics. The use of watermarking is discussed in another of our blog entries – please see here for more details.

Drumlin Security’s Javelin PDF readers support several mechanisms for content and screen capture protection. The first is the displayed information is essentially just a graphic image, rather than selectable text – there is no facility for text selection and all information is held in memory, with no temporary disk files that include decrypted data. The second is support for static and dynamic watermarking, as discussed above. Finally, recently enhanced, there is the screen capture protection option. If you have any questions regarding this blog item, do please contact us or add your own comment to this entry.

OneNote: to remove the problem when OneNote is running in the background, the user should press CTRL+SHIFT+ESC at the same time and the Windows Task Manager will be displayed. Then select the Details tab and locate the onenotem.exe task (see screenshot below), and when it is highlighted (i.e. selected) press the End Task button to stop the process and bingo, the Javelin process will have the on-screen message disappear. Then, when the user has finished using Javelin, simple re-start Microsoft OneNote and it will be fully available again.

onenote