# Secure Notifications
### Overview
The Android system status bar contains notification icons, current device status, and other system details. Hiding or disabling notifications prevents unauthorized access to certain apps and settings, provides better device functionality, and promotes a more immersive user experience. Secure Notifications is a Launcher feature that serves as a customizable replacement for the default Android system notification tray. It protects sensitive company data and ensures that the device is used only for the intended purpose.
{% hint style="info" %}
This feature only works on Android devices running on Android 6.0 Marshmallow (sdk 23) and above. This feature will not work on Android 5.1 lollipop devices because the Screen Overlay Permission is only available for 6.0+ devices.
{% endhint %}
### Getting Started
Secure Notifications allows IT administrators to gain granular control over Android enterprise devices by disabling the Android Status Bar and System Notifications Tray, and replacing them with the BlueFletch Secure Notifications Feature. This feature prevents potential threats from accessing the device settings through the notifications. This section will walk you through two major concepts: how to disable the Android notifications tray in various MDMs, and how to configure the Secure Notifications feature in the Launcher configuration.
#### Disabling Notifications in VMware Workspace One
* Log into your VMWS1 Instance;
* Navigate to Resource > Profiles;
* Click on the 'ADD' button and select 'Add Profile' from the dropdown list;
* Select Android as your Platform and you will be automatically navigated to the next screen;
* Provide a name for the Profile;
* Click 'Add' and the toggles in the 'Restrictions' drop down list will become active;
* Set the toggle to the **off** position for 'Allow Keyguard Notifications';
* Set the toggle to the **off** position for 'Allow Keyguard Unredacted Notifications';
* Set the toggle to the **off** position for 'Allow Status Bar';
* Click 'Next' and you will be navigated to the next screen;
* Confirm your selections and click 'Save & Publish'.
* *Once this Profile has been deployed to the devices, the BlueFletch Secure Notifications configuration can be applied. Instructions for configuring BlueFletch Secure Notifications can be found below in the 'Feature Configuration' section.*
#### Disabling Notifications in SOTI MobiControl
* Click on the menu icon in the top left corner of the MobiControl console which will expand the list of actions;
* Click on 'Profiles' which will take you to the 'Profiles' page;
* Click on ' + NEW PROFILE' which present a 'CREATE PROFILE' modal (shown below);
* Hover over the Android icon which will expose a drop down;
* Select the appropriate profile type for your device landscape. For the purposes of this documentation, we will select 'Work Managed';
* Once the profile type is selected, you will be shown a 'CREATE PROFILE' modal with three tabs, | GENERAL | CONFIGURATIONS | PACKAGES | (shown below);
* In the 'GENERAL' tab, provide a Profile Name and a Description;
* Click in the 'CONFIGURATIONS', which will present a 'Add a Configuration' modal (shown below);
* In the 'Add a Configuration' modal, click on 'Feature Control' which will present the 'FEATURE CONTROL' modal (shown below);
In the 'DEVICE FUNCTIONALITY' tab, toggle the 'Allow Status Bar' to the **off** position (shown below);
* Navigate to the 'SECURITY' tab, toggle the 'Allow Keyguard Notifications' and the 'Allow Sensitive Notifications' to the **off** position (shown below);
* Click 'SAVE', which will take you back to the 'CREATE PROFILE' modal (shown below);
* Click 'SAVE', and your Profile will be saved and available to assign to devices.
* *Once this Profile has been deployed to the devices, the BlueFletch Secure Notifications configuration can be applied. Instructions for configuring BlueFletch Secure Notifications can be found below in the 'Feature Configuration' section.*
#### Disabling Notifications in Microsoft InTune
* From the InTune Console, select 'Devices';
* Then click on 'Android';
* Once you click on 'Android', you'll see the option to '+ Create profile';
* Click on '+ Create profile' and it will extend the 'Create a profile' window on the right side of the screen (shown below);
* Select 'Android Enterprise' for the Platform dropdown;
* Select 'Device Restrictions' from the Profile type dropdown;
* Click 'Create' once completed, and you'll be taken to the 'Device restrictions' screen (shown below);
* Provide a Name for the Configuration profile and a Description;
* Hit 'Next' when complete and you'll be taken to Configuration Settings screen (shown below);
* Click on 'General', which will expand the dropdown options (shown below);
* Scroll down to the 'Fully managed and dedicated devices' section;
* Toggle the 'Status bar' to "Block";
* Hit 'Next' which will navigate you to 'Assignments' page (shown below);
* Assign the Configuration profile to the desired Groups and hit 'Next';
* Review the Configuration profile and hit 'Create'.
* *Once the Configuration profile has been deployed to the devices, the BlueFletch Secure Notifications configuration can be applied. Instructions for configuring BlueFletch Secure Notifications can be found below in the 'Feature Configuration' section.*
### Feature Configuration
To set up the Secure Notifications feature for a particular device profile or device group, please follow the steps below:
#### Enabling the Status Bar
If secureNotifications is set to true, the user won't be able to access the default Android system notifications from the device. If this configuration is not present, this feature is disabled.
```json
{
...
"secureNotifications" : {
"enabled": true,
}
}
```
#### Enabling the Heads-Up Pop-Up Feature
If enabledHeadsUp is set to true, the heads-up pop-up feature will be enabled. If this configuration is not present, this feature is disabled.
```json
"enableHeadsUp": true,
```
#### Setting Up the Range
To set up the range where the Heads-Up Pop-Up Feature will be shown, define the number of seconds in the configuration. If headsUpTime is disabled, the default is 3 seconds.
```json
"headsUpTime": 2000,
```
#### Configuring Allowed Packages
You can customize the packages that are allowed to send notifications. Only notifications from these packages will be displayed. If the list is empty or the key is missing, all notifications will be displayed unless blocked. An example configuration is shown below:
```json
"whitelist": ["com.example.phone", "com.example.music"],
```
#### Configuring Blocked Packages
You can customize the packages that must be blocked from sending notifications. Notifications from these packages will not be displayed. If the list is empty or the key is missing, no notifications are blocked. An example configuration is shown below:
```json
"blacklist": ["com.example.browser"],
```
If a package is both in the whitelist and blacklist configuration, the blacklist has higher priority, so the notifications from the package will not be shown.
#### Configuring Notification Bubble Settings
You can customize the color and width settings of the notification bubble. If bubbleColor has no specific value, the default color is white. If bubbleOffset is not specified, the notification bubble will be set in the middle of the screen. The example below shows the default configuration of the color and width settings:
```json
{
"bubbleColor" : "#FFFFFF",
"bubbleOffset" : 50
}
}
```
{% hint style="info" %}
Secure Notifications was introduced in Launcher 3.1.x.
{% endhint %}
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.bluefletch.com/bluefletch-enterprise/product-guides/bluefletch-launcher/security-and-safety/secure-notifications.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
