diff --git a/apps/android/app/src/main/AndroidManifest.xml b/apps/android/app/src/main/AndroidManifest.xml
index 9c34cbf7a..8c31ed4e5 100644
--- a/apps/android/app/src/main/AndroidManifest.xml
+++ b/apps/android/app/src/main/AndroidManifest.xml
@@ -102,7 +102,9 @@
 
 
     <activity android:name=".views.call.IncomingCallActivity"
-        android:showOnLockScreen="true"/>
+        android:showOnLockScreen="true"
+        android:exported="false"
+        android:launchMode="singleTask"/>
 
     <provider
         android:name="androidx.core.content.FileProvider"
diff --git a/apps/android/app/src/main/java/chat/simplex/app/MainActivity.kt b/apps/android/app/src/main/java/chat/simplex/app/MainActivity.kt
index 5e953d8c1..0aabca7ee 100644
--- a/apps/android/app/src/main/java/chat/simplex/app/MainActivity.kt
+++ b/apps/android/app/src/main/java/chat/simplex/app/MainActivity.kt
@@ -3,6 +3,7 @@ package chat.simplex.app
 import android.app.Application
 import android.content.Intent
 import android.net.Uri
+import android.os.Build
 import android.os.Bundle
 import android.os.Parcelable
 import android.os.SystemClock.elapsedRealtime
@@ -133,7 +134,15 @@ class MainActivity: FragmentActivity() {
   }
 
   override fun onBackPressed() {
-    super.onBackPressed()
+    if (
+      onBackPressedDispatcher.hasEnabledCallbacks() // Has something to do in a backstack
+      || Build.VERSION.SDK_INT >= Build.VERSION_CODES.R // Android 11 or above
+      || isTaskRoot // there are still other tasks after we reach the main (home) activity
+    ) {
+      // https://medium.com/mobile-app-development-publication/the-risk-of-android-strandhogg-security-issue-and-how-it-can-be-mitigated-80d2ddb4af06
+      super.onBackPressed()
+    }
+
     if (!onBackPressedDispatcher.hasEnabledCallbacks() && vm.chatModel.controller.appPrefs.performLA.get()) {
       // When pressed Back and there is no one wants to process the back event, clear auth state to force re-auth on launch
       clearAuthState()