12

We implemented new android.hardware.biometrics.BiometricPrompt replacing the existing android.hardware.fingerprint. The new Biometrics API works as expected until we have the 'Preferred Biometric' as 'Fingerprint'.

When we set the 'Preferred Biometric' as 'Face Recognition' & try to use the face recognition as the authentication mechanism for our application, we receive "java.security.SignatureException: android.security.KeyStoreException: Key user not authenticated" in onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult result).

This issue seems to be reproducible in Samsung devices with Android P. It works fine in Pixel devices with Android P (I believe currently the Pixel device don't provide support for Face Recognition for third party application).

private BiometricPrompt.AuthenticationCallback getAuthenticationCallback() {


@Override
public void onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult result) {
    Log.i(TAG, "onAuthenticationSucceeded");
    super.onAuthenticationSucceeded(result);
    Signature signature = result.getCryptoObject().getSignature();
    try {
      //Exception is thrown when we try to update the Signature with our message.
      signature.update(mToBeSignedMessage.getBytes());
      String signatureString = Base64.encodeToString(signature.sign(), Base64.URL_SAFE);
      Log.i(TAG, "Message: " + mToBeSignedMessage);
      Log.i(TAG, "Signature (Base64 EncodeD): " + signatureString);
      Toast.makeText(getApplicationContext(), mToBeSignedMessage + ":" + signatureString, Toast.LENGTH_SHORT).show();
    } catch (SignatureException e) {
      Log.d(TAG, e.getLocalizedMessage());
//java.security.SignatureException: android.security.KeyStoreException: Key user not authenticated"
      }
    }
}

Why I am getting the "KeyStoreException: Key user not authenticated", while trying to update the signature value ONLY when the "Preferred Biometric" as 'Face Recognition'.

Ganga
  • 121
  • 4
  • Possible duplicate of [Error after Fingerprint touched on Samsung phones: android.security.KeyStoreException: Key user not authenticated](https://stackoverflow.com/questions/36043912/error-after-fingerprint-touched-on-samsung-phones-android-security-keystoreexce) – Martin Zeitler Feb 08 '19 at 19:10
  • 1
    also, 1 question per question please - these are 3 questions. – Martin Zeitler Feb 08 '19 at 19:11
  • 1
    I restricted to 1 question, Thanks Martin. This question is different because the issue occurs ONLY when the "Preferred Biometric" is set as 'Face Recognition'. It works fine when it is 'Fingerprint' . – Ganga Feb 08 '19 at 20:03
  • 1
    We have run into the same issue and so far have not found a solution. It is not a duplicate of the linked question as far as I can see. – Kevin Read Feb 26 '19 at 10:24
  • 1
    Having the same issue. Fingerprint & Iris work as expected. But when selecting face as the preferred biometric a security exception is thrown. Changing setUserAuthenticationRequired to false allows the flow to work which confirms this to be an issue with Samsung's face biometric implementation not unlocking the keystore. Anyone know how to open a bug with samsung? All I could find was their developer forum. – SBerg413 Apr 05 '19 at 11:31
  • Update - I did submit a "support request" on the Samsung Developers portal. Although I don't think that's the ideal place for it, it's the only place I could find. – SBerg413 Apr 05 '19 at 14:09
  • just left a comment for this [question](https://stackoverflow.com/questions/55634812/biometricprompt-crashes-on-samsung-s9-with-face-unlock)... which attempts to explain it. – Martin Zeitler Apr 14 '19 at 16:33

0 Answers0