FingerprintManager versus the new BiometricPrompt API
Posted By : Sunidhi Sharma | 30-Nov-2018
Overview
Fingerprint scanning has become the latest trend to unlock the phone in almost all Android devices. Every new device released supports this feature, and why wouldn’t they? The feature kills two birds with the same stone: it provides a faster access to your phone as compared to pin, pattern, or password and saves the hassle of remembering passwords. The added benefit is of having the same level of security of the features mentioned above. This blogpost demonstrates how to use both: the FingerprintManager API and Biometric Prompt API, and why the latter has an ipper hand over the former.
Requirements
- Android device with Android P OS.
- Device with Fingerprint scan support.
- Android Studio version 3 or above.
- A new android project with Kotlin Support
Implementing Fingerprint Manager API
The
Below is the code demonstrating the use of FingerprintManager:
1. Adding Permissions to Manifest File
<uses-permission android:name="android.permission.USE_FINGERPRINT"/>
This permission is to be added in AndroidManifest file, it has the protection level of “normal”, so it is granted at the time of application installation, and is not required to be requested at the runtime.
3. Using public methods provided by Fingerprint Manager API
The API provides three public methods as mentioned below:
- isHardwareDetected()
- hasEnrolledFingerprints()
- authenticate()
Their use is shown in the code below:
@Throws(CertificateException::class, NoSuchAlgorithmException::class, IOException::class, UnrecoverableKeyException::class, KeyStoreException::class, InvalidKeyException::class, InvalidAlgorithmParameterException::class, NoSuchPaddingException::class)
private fun scanFingerprint(): Boolean {
val fingerprintManager = getSystemService(FINGERPRINT_SERVICE) as FingerprintManager?
if (fingerprintManager!!.isHardwareDetected && fingerprintManager!!.hasEnrolledFingerprints) {
val cipher = getCipherInstance()
val ivSpec = IvParameterSpec(mIvData)
val key = mKeyStore.getKey(KEY_NAME, null) as SecretKey
cipher.init(Cipher.DECRYPT_MODE, key, ivSpec)
val cryptoObject = FingerprintManager.CryptoObject(cipher)
fingerprintManager.authenticate(cryptoObject, mCancellationSignal, 0x0, mAuthenticationCallback, mHandler)
return true
} else {
return false
}
}
Adding this code in the activity will provide the fingerprint scanning functionality by using fingerprint manager API. As shown above, the
Implementing Biomentric Prompt API
In contrast, the new BiometricPrompt provides support for both: access to fingerprint hardware as well as UI support. Also, it provides only one public method, i.e.; authenticate().
In order to use it, you need to follow the given steps:
1. Adding Permissions to Manifest File
<uses-permission android:name="android.permission.USE_BIOMETRIC"/>
The step is the same as discussed above while implementing Fingerprint Manager API. The permission is to be added in AndroidManifest.xml
2. Adding the UI
val biometricPrompt = BiometricPrompt.Builder(activity)
.setTitle("Title")
.setSubtitle("Subtitle")
.setDescription("Description")
.setNegativeButton("Cancel", executor, cancelListener)
.build()
The above code is to be added in your activity to implement the UI of the BiometricPrompt API.
3. Using public methods provided by BiometricPrompt API
Finally, for authentication use the method "authenticate()" as shown below:
biometricPrompt.authenticate(crypto, cancel, executor, callback)
Summary
Since, the BiometricPrompt’s UI is provided by the Android framework, it promises consistency across all the Android applications. This helps users to recognize when an application requests fingerprint scanning feature. The BiometricPrompt also supports Face authentication as well as Iris authentication feature.
To conclude, BiometricPrompt API is simpler to use than old FingerprintManager, and, at the same time, it provides a similar approach as FingerprintManager which makes refactoring quite easy.
Cookies are important to the proper functioning of a site. To improve your experience, we use cookies to remember log-in details and provide secure log-in, collect statistics to optimize site functionality, and deliver content tailored to your interests. Click Agree and Proceed to accept cookies and go directly to the site or click on View Cookie Settings to see detailed descriptions of the types of cookies and choose whether to accept certain cookies while on the site.
About Author
Sunidhi Sharma
An ardent computer science enthusiast working in the field of Android application development.