At first: I've disabled the Keep me Signed In Feature per conditional access for a test user (Session control: never persistent browser session).
When a user navigates to outlook.office.com per browser, he's not able to use KMSI.
Now it comes to the problem: When the user doesn't close the browser app (because the App Switcher was blocked) on the android device, instead only closes the outlook.office.com Tab, the browser session keeps persistent.
How can i deal with this, except from:
allowing the app switcher and teach the user to fully close the whole browser
teach the user to sign out of outlook.office.com everytime
These two workarounds are way to error-prone and could result in data loss.