ShadowSafe

• 

• 

• 

  message generated by AI

• 

• 

• 

• 

  lockscreen

Inspiration We created ShadowSafe to empower individuals facing situations where their personal safety is at risk such as survivors of domestic abuse, journalists, activists, and travelers. They need a way to secretly and safely signal for help without alerting an assailant or coercer. Current device security often fails under duress, and we wanted to fill that critical gap.

What It Does ShadowSafe provides a dual-unlock system: a normal unlock code grants full access to the phone, while a secret decoy code triggers a convincing fake phone environment. Behind the scenes, it silently sends emergency alerts with location and audio, locks down sensitive apps, and discreetly monitors for break-ins all without tipping off an attacker.

How We Built It We leveraged Android’s Device Policy Controller framework to create isolated work profiles and programmatically hide or reveal apps. We implemented flexible triggers like special PINs, gesture detection, and biometric cues. Background services manage silent SMS/email alerts, audio recording, and covert front camera snapshots. The app disguises itself as a benign utility to blend seamlessly on the device.

Challenges We Ran Into The biggest hurdles were navigating Android’s evolving security permissions, especially around SMS and background tasks, and ensuring instant switching between real and decoy environments without noticeable lag. Achieving strong encryption and plausible deniability required balancing security with usability. iOS restrictions limited cross-platform parity.

Accomplishments That We’re Proud Of We successfully implemented a fully customizable decoy environment that convincingly mimics a normal phone interface. Our silent alert system sends GPS-tagged messages reliably without user interaction. The disguise and stealth features prevent the app’s detection by potential attackers. We created an extensible trigger framework that allows multiple discrete activation methods.

What We Learned Designing for real-world duress scenarios requires thinking beyond conventional security—usability under stress and plausible deniability are paramount. We gained deep insights into Android’s device management APIs, background service constraints, and ethical considerations around emergency alerting. Collaboration with legal and security experts proved essential.

What’s Next for ShadowSafe We plan to refine the user experience with smoother transitions and expanded trigger options. Extending backup and cloud sync features with strong privacy controls is underway. We aim to pilot with target user groups to gather feedback and improve robustness. Finally, exploring cross-platform alternatives and better integration with emergency services will advance our mission to keep users safe everywhere.

Built With

• firebase
• ml
• openai
• react
• typescript
• vite