The New Wave of Accessibility-Service Malware Explained

DEV Community: appsec·Vaibhav Shakya·about 1 month ago

Accessibility Services were designed for assistive use cases. But today, they represent a sensitive trust boundary in Android systems.

What’s actually happening?

Once enabled by the user, an accessibility service can:

- Observe UI changes
- Read parts of screen content
- Attempt interactions like clicks or gestures

This creates a cross-app interaction layer.

The real problem

Most systems assume:

- HTTPS protects data
- APIs validate actions

But this class of risk operates before the request is formed. It can influence interactions at the UI level.

Why this matters

- Actions may not reflect actual user intent
- UI flows can be influenced
- Requests may still appear valid

What architects should do

- Avoid trusting UI confirmation alone
- Add backend validation for intent
- Monitor behavioral anomalies
- Introduce friction in critical flows

Final thought

This is not a fully preventable problem. But it is detectable and can be made significantly harder to exploit.…
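The backend-side recommendations above (validate intent, monitor behavioral anomalies, add friction to critical flows) shown as an added example that is not part of the original article. The transfer scenario, class and field names, and thresholds are assumptions; the server binds each confirmation to the details it displayed and measures confirmation time itself.

```python
from dataclasses import dataclass

# Assumed thresholds for illustration; tune against real traffic.
MIN_HUMAN_DWELL_MS = 1200   # confirming faster than this is unlikely for a person
AMOUNT_MULTIPLIER = 5       # amounts this far above the account median are unusual

@dataclass
class TransferRequest:      # hypothetical request shape
    payee_id: str
    amount: float
    nonce: str              # server-issued when the confirm screen was served

@dataclass
class AccountContext:       # hypothetical per-account server state
    known_payees: set
    median_amount: float
    issued: dict            # nonce -> (payee_id, amount, issued_at_ms)

def evaluate(req, ctx, now_ms):
    """Return (decision, reasons); decision is 'allow', 'step_up' or 'deny'."""
    # Intent binding: the request must match exactly what the server displayed.
    shown = ctx.issued.pop(req.nonce, None)      # pop makes each nonce single-use
    if shown is None or shown[:2] != (req.payee_id, req.amount):
        return "deny", ["request does not match confirmed details"]
    reasons = []
    if req.payee_id not in ctx.known_payees:
        reasons.append("new payee")
    # Dwell time is measured server-side, so the client cannot report a fake value.
    if now_ms - shown[2] < MIN_HUMAN_DWELL_MS:
        reasons.append("confirmed faster than human reading time")
    if req.amount > AMOUNT_MULTIPLIER * ctx.median_amount:
        reasons.append("amount far above account norm")
    # Friction only where signals warrant it: any anomaly requires step-up.
    return ("step_up" if reasons else "allow"), reasons

def demo():
    # Constructed sample data, not taken from any real system.
    ctx = AccountContext({"p-alice"}, 40.0, {
        "n1": ("p-alice", 35.0, 1000),
        "n2": ("p-new", 900.0, 1000),
        "n3": ("p-alice", 35.0, 1000),
    })
    return [
        evaluate(TransferRequest("p-alice", 35.0, "n1"), ctx, 5200),  # normal
        evaluate(TransferRequest("p-new", 900.0, "n2"), ctx, 1180),   # fast, new, large
        evaluate(TransferRequest("p-bob", 35.0, "n3"), ctx, 5200),    # details altered
        evaluate(TransferRequest("p-alice", 35.0, "n1"), ctx, 9000),  # nonce replayed
    ]
```

A "step_up" decision is where the added friction goes, for example a second confirmation that repeats the payee and amount.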
