Android Fingerprint APIs are bringing user authentication to a whole new level, making it fast and secure. Unlocking a phone with a single touch is one of the best features released in Android 6.0 Marshmallow. Fingerprint recognition itself is not new, but the OS-level support for it in Android has been much anticipated.

Developers can now authenticate their users on an app-by-app basis for everything from mobile purchases to app sign-in screens and more with just the tap of a finger. There are only three requirements for a user to be eligible.

  1. The user’s device must have a fingerprint reader.
  2. The user’s device must be running Android 6.0 Marshmallow (API 23) or greater.
  3. The user must have registered fingerprints on the device (more on this later).

API Overview

This overview will familiarize you with the workflow for using Android 6.0 Fingerprint APIs. A few main points to keep in mind:

  1. Android Marshmallow has introduced a new permissions model that requires the user to give you sensitive permissions at runtime. Therefore, take into account that the user might not grant your app permission for fingerprint scanning.
  2. You can create a symmetric key or asymmetric key pair for data encryption.
  3. Keep the UI user-friendly. Make sure that the UI indicates when the scanner is ready for the user. It is recommended to use Google’s standard fingerprint icon which is easily recognized by users.

Let’s get started.

  1. Set up the SDK and permissions in the manifest
    First, set your targetSdkVersion to “23” and add the USE_FINGERPRINT permission to your manifest.
    Add the permission to the AndroidManifest.xml file:

    <uses-permission android:name="android.permission.USE_FINGERPRINT" />
  2. Request a permission at runtime
    Call requestPermissions() in your Activity’s onCreate():

    // FINGERPRINT_PERMISSION_REQUEST_CODE is an int constant defined by your app
    requestPermissions(new String[]{Manifest.permission.USE_FINGERPRINT}, FINGERPRINT_PERMISSION_REQUEST_CODE);
  3. Check that the lock screen has been set up
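    To check if the user has set up their lock screen, get an instance of KeyguardManager and call isKeyguardSecure().

    KeyguardManager keyguardManager = (KeyguardManager) getSystemService(KEYGUARD_SERVICE);
    if (!keyguardManager.isKeyguardSecure()) {
        // No PIN, pattern or password is set, so no fingerprint can be enrolled
    }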
  4. Check whether the hardware is present and functional
    The FingerprintManager class coordinates all access to the fingerprint hardware. Using FingerprintManager we can check for device support, attempt authentication, and handle any successful or failed authentication attempts appropriately. The first thing we’ll need when implementing fingerprint authentication is an instance of FingerprintManager. This is a system-level service, so we need to call Context’s getSystemService(String) method, passing in the Context.FINGERPRINT_SERVICE constant.

    FingerprintManager fingerprintManager = (FingerprintManager)context.getSystemService(Context.FINGERPRINT_SERVICE);
  5. Now, with the FingerprintManager instance, we can first call isHardwareDetected() to receive a boolean indicating whether the device has a fingerprint reader. If this returns false we’ll need to authenticate our user some other way. If isHardwareDetected() returns true, we’ll next need to call hasEnrolledFingerprints() to verify that the user has registered at least one fingerprint on the device. Even if the device has the necessary hardware, we can’t authenticate a user’s fingerprint if we don’t have a registered one to compare against.

    if (!fingerprintManager.isHardwareDetected()) { 
        // Device doesn't support fingerprint authentication     
    } else if (!fingerprintManager.hasEnrolledFingerprints()) { 
        // User hasn't enrolled any fingerprints to authenticate with 
    } else { 
        // Everything is ready for fingerprint authentication 
    }

Authenticating the Fingerprint

This is done by calling FingerprintManager’s authenticate(CryptoObject, CancellationSignal, int, AuthenticationCallback, Handler) method.

CryptoObject – This is the wrapper class for the crypto objects which are supported by the FingerprintManager.

CancellationSignal – This gives us the ability to stop listening for fingerprints. In a typical implementation, this class’ cancel() method will be called in the onPause() lifecycle method. This ensures we aren’t listening for fingerprints while the application isn’t available.

int – This is intended for flags, but currently we should only pass in 0.

AuthenticationCallback – This is the listener for fingerprint events. It provides four methods:

  1. onAuthenticationError(int, CharSequence)
    Called when a fatal error has occurred. This method provides the error code and error message as its parameters. You should implement this method to notify the user that an error has occurred.
  2. onAuthenticationHelp(int, CharSequence)
    Called when a non-fatal error has occurred. This method provides the error code and a help message you can display to the user.
  3. onAuthenticationFailed()
    Called when a user attempts authentication but the fingerprint is not recognized. You should always notify the user that their authentication attempt failed.
  4. onAuthenticationSucceeded(AuthenticationResult)
    Called when a user’s fingerprint is successfully recognized. The AuthenticationResult parameter includes the CryptoObject associated with the transaction.
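
The authenticate() call described above is only as strong as its CryptoObject: when the cipher inside it is backed by an Android Keystore key that requires user authentication, the key cannot be used unless the sensor really matched, so the app does not merely trust that onAuthenticationSucceeded() was invoked. The class below is an added example, not code from the original article; the names FingerprintGate and KEY_ALIAS and the sample token are assumptions, and createKey() is assumed to have run once before start().

```java
import android.hardware.fingerprint.FingerprintManager;
import android.os.CancellationSignal;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.security.keystore.KeyProperties;
import java.security.KeyStore;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;

// Added example; FingerprintGate and KEY_ALIAS are hypothetical names.
public class FingerprintGate extends FingerprintManager.AuthenticationCallback {
    private static final String KEY_ALIAS = "fingerprint_demo_key";
    private CancellationSignal cancel;
    byte[] sealed; // ciphertext, set only after a real fingerprint match
    // Run once: creates an AES key the Keystore will use only after a fingerprint match.
    static void createKey() throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");
        kg.init(new KeyGenParameterSpec.Builder(KEY_ALIAS,
                KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
                .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
                .setUserAuthenticationRequired(true) // each use needs a fingerprint match
                .build());
        kg.generateKey();
    }

    // Call from onResume(); returns false when the key has been permanently invalidated.
    boolean start(FingerprintManager fm) throws Exception {
        KeyStore ks = KeyStore.getInstance("AndroidKeyStore");
        ks.load(null);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        try {
            cipher.init(Cipher.ENCRYPT_MODE, ks.getKey(KEY_ALIAS, null));
        } catch (KeyPermanentlyInvalidatedException e) {
            return false; // enrollment changed: log in another way, then createKey() again
        }
        cancel = new CancellationSignal();
        fm.authenticate(new FingerprintManager.CryptoObject(cipher), cancel, 0, this, null);
        return true;
    }

    void stop() { if (cancel != null) cancel.cancel(); } // call from onPause()

    @Override
    public void onAuthenticationSucceeded(FingerprintManager.AuthenticationResult result) {
        try { // doFinal() is refused by the Keystore unless the sensor really matched
            sealed = result.getCryptoObject().getCipher().doFinal("constructed-sample-token".getBytes());
        } catch (Exception e) {
            sealed = null; // treat as a failed authentication
        }
    }
}
```

To decrypt later, store the cipher's getIV() value next to the ciphertext and run the same flow with a cipher initialised in DECRYPT_MODE.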

Test Your Code

To support the new APIs, ADB can emulate fingerprint touch events. If you only have one device running, the command for this is:

adb -e emu finger touch [finger_id]

If you don’t have a device with a fingerprint reader, you can use this command with an emulator running API 23 or greater to register and use fingerprints. To enroll one or more fingerprints, go to Settings > Security and ensure you have a screen lock enabled. Once a screen lock is enabled, you can select Fingerprint from the Settings screen and choose “Add fingerprint”. When the screen with the fingerprint icon appears, execute the above adb command.

Advantages of Using Fingerprint API
  1. No matter how sick you are or how unable to recollect things, your fingerprint remains faultless as your identity and can never be misplaced.
  2. Fast, convenient and reliable to use.
  3. Unique fingerprints ensure that it’s unlocked only by you.
  4. With the help of fingerprint authentication, online transactions become more convenient, hence you’re just a tap away from getting verified.
  5. A substitute for passwords and PIN codes.
  6. Fast locking and unlocking of device screens and apps.
  7. Identification for connection to the Internet of things.