Skip to main content
Version: Next

Android App

The SyVault Android app is built with Kotlin and Jetpack Compose, following Material 3 design guidelines. It provides full vault management, biometric unlock, and system-wide autofill through Android's AutofillService framework.

Interface

The app uses a Material 3 design system with dynamic color theming (Material You on Android 12+):

  • Home Screen -- A searchable record list with type-based icons, vault grouping, and recent/favorites sections at the top. Pull-to-refresh triggers a vault sync.
  • Bottom Navigation -- Four tabs: Vault, Generator, Security, and Settings.
  • Record Detail -- Tap a record to open a full-screen detail view. Each field has a copy button. Passwords are masked by default with a visibility toggle. TOTP codes display with an animated countdown ring.
  • FAB (Floating Action Button) -- Tap the + button to create a new record. A bottom sheet presents the available record types.

Fingerprint / Biometric Unlock

SyVault uses the Android BiometricPrompt API with Class 3 (Strong) biometric requirement:

  1. After your first login, the app prompts you to enable biometric unlock.
  2. A 256-bit AES key is generated and stored in the Android Keystore with setUserAuthenticationRequired(true) and biometric binding. This key resides in hardware-backed storage (TEE or StrongBox if available).
  3. Your Account Key is encrypted with this biometric-protected key and stored in encrypted SharedPreferences.
  4. On biometric unlock, the Keystore releases the key only after successful biometric verification, allowing the app to decrypt the Account Key and unlock the vault.

If biometric verification fails three times, the app falls back to master password entry.

tip

On devices with StrongBox (Pixel, Samsung Galaxy S series, etc.), SyVault automatically uses the dedicated secure element for key storage, providing hardware-level tamper resistance.

AutofillService

SyVault implements Android's AutofillService to provide system-wide credential filling:

  • When any app or browser displays a login form, Android invokes SyVault's autofill service.
  • SyVault parses the AssistStructure to identify username and password fields using view hints, autofillHints, resource IDs, and heuristic analysis.
  • Matching credentials are presented as autofill suggestions in the system dropdown.
  • Tapping a suggestion triggers biometric verification, then fills the fields securely.
  • SyVault also detects save opportunities: when you manually type credentials and submit a form, a prompt appears offering to save the new login.

See Mobile Setup for configuration steps.

Record Creation

Tap the FAB and select a record type. The Android app supports creating:

  • Login -- Name, username, password (with inline generator), URL, TOTP (scan QR via camera or enter manually), and notes.
  • Secure Note -- Name and encrypted content field.

All other record types (Payment Card, Identity, SSH Key, API Key, Database, Server, Certificate, WiFi) can be created via the web vault or desktop app and are fully accessible on Android.

Import

Import from CSV or JSON files:

  1. Navigate to Settings > Import.
  2. Choose a file using Android's document picker (supports local storage, Google Drive, and other document providers).
  3. Map columns to SyVault fields.
  4. Review and handle duplicates.
  5. Records are encrypted locally with AES-256-GCM and synced.

Material 3 Design

The app implements Material 3 comprehensively:

  • Dynamic Color: On Android 12+, the app adapts its color scheme to your wallpaper using Material You dynamic color extraction.
  • Dark Mode: Full dark theme support, following the system setting or configurable independently.
  • Typography: Material 3 type scale with readable sizes for credential data.
  • Motion: Shared element transitions between the record list and detail view. Bottom sheet animations for record creation.
  • Adaptive Layout: On tablets, the app uses a list-detail two-pane layout.

Auto-Lock and Security

  • Auto-lock timeout: Configurable from "Immediately" to 4 hours.
  • Lock on background: Optionally lock when the app leaves the foreground.
  • Screen capture protection: By default, SyVault sets FLAG_SECURE to prevent screenshots and screen recording of the app. Disable in Settings if needed.
  • Root/jailbreak detection: On rooted devices, SyVault displays a warning and disables biometric unlock (configurable).

Configure all options under Settings > Security.