I understand how to authenticate users via Fingerprint Authentication using Android SDK. But it only tells if the fingerprint matches one of the enrolled fingerprints or not - i.e. a boolean.
I want to make it so that it gives me the fingerprint image as well, so I can extract the information against that fingerprint, i.e. userId, name, etc stored in the database.
For example:
I have 3 users: Admin, Teacher, Student.
I should be able to use the built-in fingerprint reader to be able to determine if the user is identified as an Admin, Teacher or Student, and give the app access rights accordingly.
The app will be deployed to only ONE device that is accessible to all users, so the application should be responsible to control the limit of number of fingerprints that can be registered.
Is it possible with the built-in fingerprint reader of the device?
I want to make it so that it gives me the fingerprint image as well
That is not supported by Android's fingerprint APIs, for privacy reasons.
I should be able to use the built-in fingerprint reader to be able to determine if the user is identified as an Admin, Teacher or Student, and give the app access rights accordingly.
Each of those individuals should have a separate device account. Then each of them has a separate copy of your app, in effect. So long as each of those accounts get configured in your app with the proper role, the identification process is handled for you by the OS.
Related
Hi I have the same case like this question how to store fingerprint data along with username, image, email etc in database in android app and I have read that and some of the answers there. It is stated that we can not get something like template of fingerprint that user registered in android because it is stored at a secure location. I just want to make sure that, is that true if I say something like this: Because of android doesn't give a permission to access template of user fingerprint so we can not build a mobile apps to register our fingerprint in that apps by using android scanner of fingerprint, is that right if I say something like that?
So my point here is the way to register our fingerprint in a mobile apps, I haven't found yet articles to show step by step build mobile apps like what I mean before
What I want to be able to do is create an app that users can login in to with their fingerprint. But not just on their device any device running the app would need the ability to recognise who the user is from their fingerprint. I realise the users fingerprint is stored on their own device only and doesn't get exposed to anything outside of their device so is this possible at all? Is there a way that I could store something in the cloud that would be able to identify who a user is from their fingerprint?
The answer is no. The fingerprint is saved in a seccure place by android/ios and you CAN'T access it. You eighter can't asing a UUID or something unique like this to it because the only method you are able to use in relation to the fingerprint of an user is like a match method that returns a percentage of equality from your fingerprint compared with any fingerprint saved in the device.
Maybe this helps:
Android: https://developer.android.com/about/versions/marshmallow/android-6.0.html
External library: http://www.nist.gov/itl/iad/ig/nbis.cfm
External library: http://www.neurotechnology.com/verifinger.html
how to store fingerprint data along with username, image, email etc in database in android app. I read out many links but it is not helpful. they are
How to get Fingerprint input from user and save to sqlite in android
Retrieving Fingerprint data? Get fingerprint templates from fingerprint scanner
Register user fingerprint in an android application
Thanks
As per Nexus FAQs
Your fingerprint data is stored securely and never leaves your Pixel
or Nexus phone. Your fingerprint data isn't shared with Google or any
apps on your device. Apps are notified only whether your fingerprint
was verified.
FingeprintManager only has these 3 features:
authenticate() : for authenticating user
hasEnrolledFingerprints() : Determine if there is at least one fingerprint enrolled.
isHardwareDetected() : Determine if fingerprint hardware is present and functional.
There is no method to get fingerprint id from the sensor. So your idea of storing fingerprints in database won't work.
You cannot save a fingerprint image or template. It is stated by Android in the Fingerprint Section.
The Fingerprint data is stored by android system in the phone at a secure location which is not accessible. You can write an app that gets and stores fingerprint to authenticate the user. You can go through this sample that demonstrates to use registered fingerprints to authenticate the user in your app.
https://github.com/googlesamples/android-FingerprintDialog
I'm implementing fingerprint authentication in an existing Android application making use of FingerprintManagerCompat. I used a tutorial as guidance that can be found here.
(android.support.v4.content.ContextCompat)
As FingerprintManagerCompat makes use of saved fingerprints on the mobile device, any fingerprint on the device can be used to login to the application.
Is it possible to see which one of the fingerprints on the device were used to unlock and if so is there a method to get all saved fingerprints that are available on the device?
I looked around for information on if this is possible and I cant seem to find anything. I have found that Samsung Pass SDK does have functionality to see what fingerprint is used but the product owner does not want the me to use Samsung's Pass SDK as his penetration testing team found that it is not very secure.
Is there a method to get all saved fingerprints that are available on the device?
No.
Is it possible to see which one of the fingerprints on the device were used to unlock
No.
However, there are some limitations to which fingerprints can be used to authenticate within your app. The result of a fingerprint authentication is that you make a cryptographic key available to perform some cryptographic operation (e.g. creating a digital signature). So when you add a user in your app you'd typically create a cryptographic key that you associate with that user. Then later on when the user wants to perform some action that requires him/her to be authenticated, you do the fingerprint authentication, which gives you access to the key, which use can use to do whatever it is that you need to do to verify that the user should be allowed to perform the action.
What happens when a new fingerprint is enrolled is that any existing cryptographic keys that require fingerprint authentication will be permanently invalidated.
That leaves us with the scenario where there are multiple enrolled fingerprint before the user is added in your app. I'm not aware of any way to do anything about this with the current APIs. So the best you can do might be to add some step in your fingerprint-enabling UI flow where the user is asked to verify that only they have enrolled a fingerprint on the device (e.g. by checking a checkbox or clicking a button).
Can we use the FingerprintManager in Android M (API 22) to identify (along with authorize) the user?
For example, there are two finger prints registered in the device, one for user A and one for user B. Does the API provide support to detect which user, A or B, just logged in?
No. In fact, the Android Compatibility Definition for Android 6.0 states in the Fingerprint section (7.3.10):
MUST NOT enable 3rd-party applications to distinguish between individual fingerprints.
Therefore while you could write an app that uses the fingerprint as a mechanism to authenticate the user, any registered fingerprint associated with the current user account could be used.
Android Fingerprint method does not provide fingerprint name or Any unique identity. it treated each registered fingerprint equally and just authenticate only. (valid user or invalid user that's it)
Storage
The fingerprints are tied to the device (from the Nexus FAQ):
Your fingerprint data is stored securely and never leaves your device. Your data is not shared with Google or any apps on your device.
Therefore there is no way for an app to access the fingerprint data to be able to save it or use across the devices.
Suggestion :
To distinguish multiple users or devices, you should use external fingureprint scanner. There's some external fingerprint scanners compatible with Android Platform and with SDK for Android. These SDKs allow to enroll and verify multiple users.