FingerprintManager versus the new BiometricPrompt API

Posted By : Sunidhi Sharma | 30-Nov-2018

Overview

Fingerprint scanning has become the latest trend to unlock the phone in almost all Android devices. Every new device released supports this feature, and why wouldn’t they? The feature kills two birds with the same stone: it provides a faster access to your phone as compared to pin, pattern,  or password and saves the hassle of remembering passwords. The added benefit is of having the same level of security of the features mentioned above. This blogpost demonstrates how to use both: the FingerprintManager API and Biometric Prompt API, and why the latter has an ipper hand over the former.

Requirements

  1. Android device with Android P OS.
  2. Device with Fingerprint scan support.
  3. Android Studio version 3 or above.
  4. A new android project with Kotlin Support

Implementing Fingerprint Manager API

The FingerprintManager API was made public for developers with the release of Android 6.0, in 2015. But, now, with the launch of Android 9.0, it is deprecated. Now, Google supports the fingerprint scanning feature with new BiometricPrompt API.
Below is the code demonstrating the use of FingerprintManager:

1. Adding Permissions to Manifest File

<uses-permission android:name="android.permission.USE_FINGERPRINT"/>

This permission is to be added in AndroidManifest file, it has the protection level of “normal”, so it is granted at the time of application installation, and is not required to be requested at the runtime.

3. Using public methods provided by Fingerprint Manager API
The API provides three public methods as mentioned below:

  • isHardwareDetected()
  • hasEnrolledFingerprints()
  • authenticate()

Their use is shown in the code below:

@Throws(CertificateException::class, NoSuchAlgorithmException::class, IOException::class, UnrecoverableKeyException::class, KeyStoreException::class, InvalidKeyException::class, InvalidAlgorithmParameterException::class, NoSuchPaddingException::class)
private fun scanFingerprint(): Boolean {
    val fingerprintManager = getSystemService(FINGERPRINT_SERVICE) as FingerprintManager?
    if (fingerprintManager!!.isHardwareDetected && fingerprintManager!!.hasEnrolledFingerprints) {
        val cipher = getCipherInstance()
        val ivSpec = IvParameterSpec(mIvData)
        val key = mKeyStore.getKey(KEY_NAME, null) as SecretKey
        cipher.init(Cipher.DECRYPT_MODE, key, ivSpec)
        val cryptoObject = FingerprintManager.CryptoObject(cipher)
        fingerprintManager.authenticate(cryptoObject, mCancellationSignal, 0x0, mAuthenticationCallback, mHandler)
        return true
    } else {
        return false
    }
}

Adding this code in the activity will provide the fingerprint scanning functionality by using fingerprint manager  API. As shown above, the FingerprintManager API provides hardware access for Fingerprint Scanner, the FingerprintManager lacks behind in one aspect, i.e.; providing the UI for application integration. The developers need to build and manage their own UI to let the users know that they need to scan their fingerprint. For the support, Google has demonstrated with a sample how the UI should look like. For link please see the reference.

Implementing Biomentric Prompt API
In contrast, the new BiometricPrompt provides support for both: access to fingerprint hardware as well as UI support. Also, it provides only one public method, i.e.; authenticate().

In order to use it, you need to follow the given steps:

1. Adding Permissions to Manifest File

<uses-permission android:name="android.permission.USE_BIOMETRIC"/>

The step is the same as discussed above while implementing Fingerprint Manager API. The permission is to be added in AndroidManifest.xml

2. Adding the UI

val biometricPrompt = BiometricPrompt.Builder(activity)
  .setTitle("Title")
  .setSubtitle("Subtitle")
  .setDescription("Description")
  .setNegativeButton("Cancel", executor, cancelListener)
  .build()

The above code is to be added in your activity to implement the UI of the BiometricPrompt API.

3. Using public methods provided by BiometricPrompt API
Finally, for authentication use the method "authenticate()" as shown below:

biometricPrompt.authenticate(crypto, cancel, executor, callback)

Summary

Since, the BiometricPrompt’s UI is provided by the Android framework, it promises consistency across all the Android applications. This helps users to recognize when an application requests fingerprint scanning feature. The BiometricPrompt also supports Face authentication as well as Iris authentication feature.
To conclude, BiometricPrompt API is simpler to use than old FingerprintManager, and, at the same time, it provides a similar approach as FingerprintManager which makes refactoring quite easy.

Request for Proposal

Recaptcha is required.

Sending message..