Fingerprint API for android phone

Question

I am new to fingerprint authentication in smartphones. As we know Samsung S5 currently supports fingerprint scanner. Is it possible to develop a custom application that can use the scanner to authenticate a user? I just need to know the identity of the user and if he has been authenticated correctly. My app can then take it from there and integrate with backend.

http://stackoverflow.com/questions/14191929/fingerprint-scanner-using-camera — duggu, Mar 12 '15 at 10:21
http://www.codeproject.com/Questions/604029/Fingerprintplusscannerpluscodeplusforplusandroidpl — duggu, Mar 12 '15 at 10:22
You would need to see if fingerprint scanning is part of the Samsung Mobile SDK: http://developer.samsung.com/sdk-and-tools — CommonsWare, Mar 12 '15 at 10:44
Yes. Just found out they do provide Pass API for register, request and validate fingerprints. Its in here http://developer.samsung.com/release-note/view.do?v=R000000009. Seems they released a sample application just yesterday :) — DBS, Mar 12 '15 at 10:59
The problem with the Samsung Pass API is that its not portable. So we had to code for both the Android 6.0 Finger API and the Samsung Pass API. That way it doesn't matter what phone our user has. — neuman8, May 18 '16 at 16:09

score 20 · Answer 1 · edited Aug 28 '16 at 08:36

20

Google has now announced a generic fingerprint API for Android that can be utilised by any custom apps for authorisation and not just the native Google apps. It looks like the future is just getting brighter!

Taken from the Android Developers page linked below:

"To authenticate users via fingerprint scan, get an instance of the new FingerprintManager class and call the authenticate() method."

However you must also include this permission:

<uses-permission android:name="android.permission.USE_FINGERPRINT" />

If you want to find out more information then visit this URL and scroll down to Authentication:

https://developer.android.com/about/versions/marshmallow/android-6.0.html#fingerprint-authentication

edited Aug 28 '16 at 08:36

grebulon

7,071
5
36
62

answered May 30 '15 at 10:18

edwoollard

11,875
6
38
69

1

The google has really launched a nice feature. Did you find any link for developers for this? – Utkarsh Dixit Jun 01 '15 at 14:54
I just found this github project about Fingerprints, not sure if you still are looking/ need it: https://github.com/googlesamples/android-FingerprintDialog – Miles Peele Feb 05 '16 at 18:32

score 9 · Accepted Answer · edited Jan 06 '16 at 13:21

9

Samsung provides Pass API to register, request and validate fingerprints. Its in here SAMSUNG FINGER PRINT API. There is a sample program too.

edited Jan 06 '16 at 13:21

rekire

45,039
29
149
249

answered Mar 13 '15 at 06:44

DBS

714
1
7
19

score 6 · Answer 3 · edited Aug 28 '16 at 08:37

Fingerprint API preview for Android M is found here with Sample App. As of this writing, Android Compatibility Definition for Android M hasn't been published. So, if fingerprint sensor, the key hardware component of the fingerprint framework, is left as a "SHOULD" requirement (most likely to be true), then OEMs decide either to incorporate the sensor or not. But, since Android Pay is strongly ties to finger print framework, this may drive OEMs to include the fingerprint sensor.

score 4 · Answer 4 · answered May 09 '16 at 11:55

I found this in google samples which demonstrates how you can use registered fingerprints in your app to authenticate the user before proceeding some actions such as purchasing an item.

First you need to create a symmetric key in the Android Key Store using KeyGenerator which can be only be used after the user has authenticated with fingerprint and pass a KeyGenParameterSpec.

By setting KeyGenParameterSpec.Builder.setUserAuthenticationRequired to true, you can permit the use of the key only after the user authenticate it including when authenticated with the user's fingerprint.

Then start listening to a fingerprint on the fingerprint sensor by calling FingerprintManager.authenticate with a Cipher initialized with the symmetric key created. Or alternatively you can fall back to server-side verified password as an authenticator.

Once the fingerprint (or password) is verified, the FingerprintManager.AuthenticationCallback#onAuthenticationSucceeded() callback is called.

It requires SDK V23. AFAIK its not useful for Samsung S5 but it might help others to use this feature.

let's say the user deleted his fingerprints and sold the phone..the other user who bought the phone will put his fingerprint...but when he access the app the app will give full access for the new user..so how can we differentiate between the users or how can we know if the user is changed or fingerprint is added or deleted? — R.F, Mar 22 '17 at 13:55
Please read https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.Builder.html#setInvalidatedByBiometricEnrollment(boolean) — Nils Kassube, Apr 19 '17 at 15:55

Fingerprint API for android phone

4 Answers4

Linked