As of Android P (API 28) the FingerprintManager
API was deprecated and Google suggests we should switch to BiometricPrompt
API.
However FingerprintManager
has a method named hasEnrolledFingerprints
that we're currently using to display a prompt to the user right after he logs in with email / password where we ask him if he wants to use his fingerprint for future authentication (such as when the session expires).
BiometricPrompt
API doesn't have a similar method, so this breaks our current UX and we're not sure how to address this.
I guess the alternative would be to simply encrypt the user's password without allowing him the option to manually "enroll", and simply use the BiometricPrompt
API when his session expires, but we feel that the user should be informed and opt-in into this feature.
I did some digging trying to find out where I could ask such a question on Google's feedback platform, but couldn't find where.
Any suggestions on this would be appreciated.