I am new to Android biometric integration.

Is it possible to use the Android device's screen or fingerprint sensor as a biometric device so that users can log in to the app without having to use any email or password?

this and this and this as references.

Is using an external fingerprint scanner or biometric the only option, or is there an alternative solution?

This is the code that I've used as a reference. Please have a look at it and let me know how I can get the user's fingerprint.

```java
import android.Manifest;
import android.annotation.TargetApi;
import android.app.KeyguardManager;
import android.content.pm.PackageManager;
import android.hardware.fingerprint.FingerprintManager;
import android.os.Build;
import android.os.Bundle;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.security.keystore.KeyProperties;
import android.support.v4.app.ActivityCompat;
import android.support.v7.app.AppCompatActivity;
import android.widget.Toast;

import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;

public class MainActivity extends AppCompatActivity {

    private static final String KEY_NAME = "example_key";

    private FingerprintManager fingerprintManager;
    private KeyguardManager keyguardManager;
    private KeyStore keyStore;
    private KeyGenerator keyGenerator;
    private Cipher cipher;
    private FingerprintManager.CryptoObject cryptoObject;

    @TargetApi(Build.VERSION_CODES.M)
    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);

        keyguardManager =
                (KeyguardManager) getSystemService(KEYGUARD_SERVICE);
        fingerprintManager =
                (FingerprintManager) getSystemService(FINGERPRINT_SERVICE);

        // A secure lock screen (PIN, pattern or password) is a prerequisite.
        if (!keyguardManager.isKeyguardSecure()) {
            Toast.makeText(this,
                    "Lock screen security not enabled in Settings",
                    Toast.LENGTH_LONG).show();
            return;
        }

        if (ActivityCompat.checkSelfPermission(this,
                Manifest.permission.USE_FINGERPRINT) !=
                PackageManager.PERMISSION_GRANTED) {
            Toast.makeText(this,
                    "Fingerprint authentication permission not enabled",
                    Toast.LENGTH_LONG).show();
            return;
        }

        if (!fingerprintManager.hasEnrolledFingerprints()) {
            // This happens when no fingerprints are registered.
            Toast.makeText(this,
                    "Register at least one fingerprint in Settings",
                    Toast.LENGTH_LONG).show();
            return;
        }

        generateKey();

        if (cipherInit()) {
            // The cipher is only usable after a successful fingerprint match.
            cryptoObject =
                    new FingerprintManager.CryptoObject(cipher);
            FingerprintHandler helper = new FingerprintHandler(this);
            helper.startAuth(fingerprintManager, cryptoObject);
        }
    }

    @TargetApi(Build.VERSION_CODES.M)
    protected void generateKey() {
        try {
            keyStore = KeyStore.getInstance("AndroidKeyStore");
        } catch (KeyStoreException e) {
            // Fail here rather than with a NullPointerException further down.
            throw new RuntimeException(
                    "Failed to get KeyStore instance", e);
        }

        try {
            keyGenerator = KeyGenerator.getInstance(
                    KeyProperties.KEY_ALGORITHM_AES,
                    "AndroidKeyStore");
        } catch (NoSuchAlgorithmException |
                NoSuchProviderException e) {
            throw new RuntimeException(
                    "Failed to get KeyGenerator instance", e);
        }

        try {
            keyStore.load(null);
            // The key never leaves the Keystore and requires user
            // authentication for every use.
            keyGenerator.init(new
                    KeyGenParameterSpec.Builder(KEY_NAME,
                    KeyProperties.PURPOSE_ENCRYPT |
                            KeyProperties.PURPOSE_DECRYPT)
                    .setBlockModes(KeyProperties.BLOCK_MODE_CBC)
                    .setUserAuthenticationRequired(true)
                    .setEncryptionPaddings(
                            KeyProperties.ENCRYPTION_PADDING_PKCS7)
                    .build());
            keyGenerator.generateKey();
        } catch (NoSuchAlgorithmException |
                InvalidAlgorithmParameterException
                | CertificateException | IOException e) {
            throw new RuntimeException(e);
        }
    }

    @TargetApi(Build.VERSION_CODES.M)
    public boolean cipherInit() {
        try {
            cipher = Cipher.getInstance(
                    KeyProperties.KEY_ALGORITHM_AES + "/"
                            + KeyProperties.BLOCK_MODE_CBC + "/"
                            + KeyProperties.ENCRYPTION_PADDING_PKCS7);
        } catch (NoSuchAlgorithmException |
                NoSuchPaddingException e) {
            throw new RuntimeException("Failed to get Cipher", e);
        }

        try {
            keyStore.load(null);
            SecretKey key = (SecretKey) keyStore.getKey(KEY_NAME,
                    null);
            cipher.init(Cipher.ENCRYPT_MODE, key);
            return true;
        } catch (KeyPermanentlyInvalidatedException e) {
            // The key was invalidated, e.g. after a change to the
            // enrolled fingerprints or the lock screen.
            return false;
        } catch (KeyStoreException | CertificateException
                | UnrecoverableKeyException | IOException
                | NoSuchAlgorithmException | InvalidKeyException e) {
            throw new RuntimeException("Failed to init Cipher", e);
        }
    }
}
```

mohammed nathar
  • Hi @mohammed. Welcome to Stack Overflow. You should provide some part of your code and ask a specific question. You can't expect to ask the community: In my job they ask me for this. How can I do it? :). Cheers mate. – Kenzo_Gilead Aug 24 '16 at 07:20
  • eliasMP@ I don't know how Stack Overflow works. – mohammed nathar Aug 24 '16 at 09:40
  • Hi @mohammed You can check the links below: https://codeblog.jonskeet.uk/2010/08/29/writing-the-perfect-question/ http://catb.org/esr/faqs/smart-questions.html and StackOverflow forum: http://stackoverflow.com/help/question-bans – Kenzo_Gilead Aug 24 '16 at 09:53
  • OK, I will learn to ask a question by reading the links you provided, thank you so much. But as of now, can you please give me a valid answer? – mohammed nathar Aug 24 '16 at 10:00
  • As I already explained (and you put a link to my answer), the Android SDK only allows verifying the current user against the user of the device. – LaurentY Aug 24 '16 at 13:42
  • Possible duplicate of [Android fingerprint API for time attendance app](http://stackoverflow.com/questions/33468694/android-fingerprint-api-for-time-attendance-app) – LaurentY Aug 24 '16 at 13:44
  • You can't _"get users fingerprint"_. You can find out whether the user's fingerprint matches one of the enrolled fingerprints on the device (not which one), and assuming that there was a match you'll have authenticated the use of a `CryptoObject` to perform some cryptographic operation (such as encrypting, decrypting, or signing data). – Michael Aug 24 '16 at 13:47
  • @LaurentY thank you so much for editing the question and shedding some light on the topic. When I go through answers on Stack Overflow I don't see who has answered the question. That's why I didn't know that it was you. THANKS AGAIN – mohammed nathar Aug 26 '16 at 04:53
  • Refer to this link, it may help: [this](https://stackoverflow.com/a/30365246/9404855) – sarva skn Feb 24 '18 at 08:12

1 Answer

I found the solution myself. It turns out that biometric devices provide encrypted data when the fingerprint is read by them. I think that, due to security reasons, the normal fingerprint sensor present in the phone doesn't provide this encrypted data. The closest thing a developer can do with the fingerprint sensor is to find out if the fingerprint matches the already registered fingerprint in the Android device. Because of this I had to use a third-party SDK.

mohammed nathar
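
What Michael's comment describes, as an added example that is not code from the original post: a hypothetical `FingerprintHandler` matching the `new FingerprintHandler(this)` and `startAuth(...)` calls in the question. On a match the app receives only the unlocked `Cipher`, never fingerprint data. The token value and the preference names (`auth`, `token_ct`, `token_iv`) are assumptions.

```java
import android.annotation.TargetApi;
import android.content.Context;
import android.hardware.fingerprint.FingerprintManager;
import android.os.Build;
import android.os.CancellationSignal;
import android.util.Base64;
import android.widget.Toast;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import javax.crypto.Cipher;

// Hypothetical handler; the question does not show its own FingerprintHandler.
@TargetApi(Build.VERSION_CODES.M)
public class FingerprintHandler extends FingerprintManager.AuthenticationCallback {
    private final Context context;
    private final CancellationSignal cancel = new CancellationSignal();

    public FingerprintHandler(Context context) { this.context = context; }

    public void startAuth(FingerprintManager manager, FingerprintManager.CryptoObject crypto) {
        // Matching happens inside the system; the app only gets callbacks.
        manager.authenticate(crypto, cancel, 0, this, null);
    }

    @Override
    public void onAuthenticationSucceeded(FingerprintManager.AuthenticationResult result) {
        // The result carries no image, template or finger id: only the
        // CryptoObject whose Keystore key is now authorised for one operation.
        Cipher cipher = result.getCryptoObject().getCipher();
        try {
            // Constructed placeholder for a secret issued at first login.
            byte[] token = "constructed-session-token".getBytes(StandardCharsets.UTF_8);
            byte[] ct = cipher.doFinal(token);   // fails if the key was not unlocked
            context.getSharedPreferences("auth", Context.MODE_PRIVATE).edit()
                    .putString("token_ct", Base64.encodeToString(ct, Base64.NO_WRAP))
                    .putString("token_iv", Base64.encodeToString(cipher.getIV(), Base64.NO_WRAP))
                    .apply();
        } catch (GeneralSecurityException e) {
            Toast.makeText(context, "Could not use the key", Toast.LENGTH_LONG).show();
        }
    }

    @Override
    public void onAuthenticationFailed() {
        // Finger read correctly but matched no enrolled fingerprint.
        Toast.makeText(context, "Fingerprint not recognised", Toast.LENGTH_SHORT).show();
    }

    @Override
    public void onAuthenticationError(int errorCode, CharSequence errString) {
        Toast.makeText(context, errString, Toast.LENGTH_LONG).show();
    }
}
```

`FingerprintManager` was deprecated in API level 28 in favour of `BiometricPrompt`, which follows the same model of unlocking a `CryptoObject` rather than returning biometric data.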