Is it possible to use the built-in PIN/Password/Pattern in Android for Android applications?
For instance, if a PIN were set on the phone... it could be used to unlock an application. Otherwise, the user would have to set a PIN for the application and/or phone.
I don't believe so and I hope they don't add one.
There are trusted path issues with allowing apps to request entry of the user's PIN.
The phone needs to make sure that apps don't keylog and exfiltrate PINs or administrative passwords, so users need to be trained to only enter their PIN/password into a user interface that sends events only to the OS. This is similar to the way that the Windows login is only displayed after Ctrl-Alt-DEL, a key sequence that is guaranteed to remove window focus and so stop the flow of key events to user-ring code.
Even providing an API that allows applications to request that the user confirm their administrative secrets weakens security by training users to enter important secrets in a variety of situations instead of only after Ctrl-Alt-DEL or other OS trapped sequence.
You could definitely make your own, but I don't think you can utilize the one from the OS.
Related
I want a cheap biometric system using any (cheap) Android mobile in which whoever presses the thumb, my android code should get authenticated callback with some unique person code (this is optional though).
But the question is whether we can change the Android setting to allow storing of 100-500 people's fingerprints? Usually mobiles only allow up to 5 fingerprints to be stored.
my android code should get authenticated callback with some unique person code
Android does not support this. You only find out whether the user authenticated or not.
whether we can change the Android setting to allow storing of 100-500 people's fingerprints?
Android does not support this.
I'm a beginner to Flutter and programming in general.
First I'd like to know if it's possible to notify the creator of an app or its back-end service that a fingerprint has been deregistered and a new one added.
Note: The objective is not to get fingerprint data but to uniquely identify people in one way or the other. For example assuming an app would like to manage dormitories that have a closing time of say 9 pm and intends to generate a report of everyone present inside by using their device location and a service on a local network that checks location data and asks for a fingerprint authentication, there's every possibility that users could leave their devices to other users and register their fingerprints as well allowing them to provide authentication and creating inaccurate reports for the dormitory.
Please any suggestions for the above situation?
There is no support for "detecting de-registration" directly. Even if it were, it would not be useful.
tldr; Access, guarded by a device-secret fingerprint or otherwise, from an arbitrary and uncontrolled device cannot be used to guarantee that the person who 'owns' the device is present. It is the data governance regulations (EULA, company/dorm policy, etc.) and trust in the user to adhere to such, including reporting violations, which allows the device-to-person assertion.
On a mobile device, fingerprint authentication is effectively a per-device secret that can accept any of the registered fingerprints, which is used to protect other access/secrets.
Consider:
Fingerprints are not accessible directly by applications and thus cannot be used as "user IDs".
Each device uses a private per-device key to encrypt and store the fingerprint information. This information is not accessible externally nor is it uploaded.
See 'Secure Enclave' for iOS and 'Trusted Execution Environment' for Android.
A person can have multiple fingerprints registered per device. This implies that multiple fingerprints from different people can be added and there is no way to determine the difference. Likewise, a person could register a fingerprint for a different finger on multiple devices.
The encoding of a fingerprint is a "one way" data modeling that accepts the fingerprint as registered. The actual fingerprint data will differ, even before it's securely saved: it is only the application of this model onto the fingerprint pattern being applied that is useful.
Now, if there was a physically controlled device / system ..
An example of a physically controlled system might be usages of fixed terminals controlling single-person entry/exit doors (with security cameras and/or a physical guard) where people can only register a fingerprint in front of a trusted person after appropriate ID verification.. how much does it really matter? And what happens when a person climbs through a window?
Having the app take a detailed face / eye scan off a live camera and sending it in to a controlled server for some internal biometric-based verification might be some [draconian] half-way step .. I'd say "No Thanks" ;-)
On iOS, if something is protected by fingerprint or Face ID, the developer can set an option that the data can only be accessed if the set of registered fingerprints/faces is unchanged. So you could send a one-time code that the user puts in their keychain, and if they change registered fingerprints, it's gone. Now if I registered fingerprints of myself and my three best mates, you can't detect that.
I've been using Nikolay Elenkov's blog (http://nelenkov.blogspot.com/2012/05/storing-application-secrets-in-androids.html) to store encrypted password information in our android application. The requirements are such that we a) don't want to store the key/salt in our code directly, because this can be decompiled/removed, b) need to support back to android API level 14, and c) need to store password (encrypted) information on the device (i.e. can't currently use an OpenAuth token or similar system, as it would require server changes that can't be made right now).
So, on JB 4.2+ devices, I can utilize the newer secure credential storage, which doesn't cause any problems. For JB 4.1 and ICS devices, though, I need to use the aforementioned method of interacting with the keystore daemon through nelenkov's techniques.
The problem here is that when the secure credential storage is initialized, it requires that the user set up a device password/pin, as it uses this to base the encryption key used for the master storage off of. This is kind of a bad deal, because it is a big hindrance for the user.
Alternatively, I've looked at using a separate key store, based off of SpongyCastle. The problem with this direction, though, is that I would need to initialize it with some password (likely stored in my source code). This would mean that, if the device were stolen/rooted, it would be relatively easy to procure the contents of the "secure" key store, as the password could be retrieved from the app's decompiled source.
Is there a better solution to this problem that I'm not seeing, or is it just not possible with API versions < 18?
There are really only two ways to do this: either the user enters some kind of password and you derive your keys from it, or you generate a key and store it on the device. Using the device unlock password is a lot more user-friendly than having the user remember a dedicated password for your app only. BTW, on 4.2+ you still need a lockscreen password so nothing is changed compared to 4.0. As usual, if the device is rooted, the attacker can get the user's Google authentication tokens, and bruteforce the lockscreen password so you'd have much bigger problems. So think about your threat model first and decide how far you are willing to go. If the data is truly sensitive, use a dedicated password with sufficient complexity that needs to be entered every time the app is opened. You can also write a device administrator and require that the device is encrypted, that the lockscreen PIN/password is sufficiently long/complex, etc.
The alternative is to use tokens, either your own or from a third party identity provider (Google, FB, etc.).
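The first option in the answer above (derive the key from a password the user enters, so no key or password ships in the APK), as an added example that is not code from the original post. It uses only standard JCA algorithms that old Android API levels provide; the class name, blob layout and iteration count are assumptions.

```java
import java.security.*;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.*;

public class PassphraseVault {
    static final int SALT = 16, IV = 16, TAG = 32, ITERATIONS = 100000; // ITERATIONS is an assumed work factor

    static byte[] hmac(byte[] key, byte[] data, int len) throws GeneralSecurityException {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        mac.update(data, 0, len);
        return mac.doFinal();
    }
    // Stretch the passphrase with PBKDF2, then split into separate AES and MAC keys.
    static byte[][] keys(char[] pass, byte[] salt) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(pass, salt, ITERATIONS, 256);
        byte[] master = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(spec).getEncoded();
        return new byte[][] { hmac(master, new byte[] {'e'}, 1), hmac(master, new byte[] {'m'}, 1) };
    }
    static Cipher aes(int mode, byte[] key, byte[] blob) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(mode, new SecretKeySpec(key, "AES"), new IvParameterSpec(blob, SALT, IV));
        return c;
    }
    // Blob layout: salt || iv || ciphertext || HMAC(salt || iv || ciphertext)
    public static byte[] seal(char[] pass, byte[] secret) throws GeneralSecurityException {
        byte[] head = new byte[SALT + IV];
        new SecureRandom().nextBytes(head); // fresh salt and IV on every write
        byte[][] k = keys(pass, Arrays.copyOf(head, SALT));
        byte[] ct = aes(Cipher.ENCRYPT_MODE, k[0], head).doFinal(secret);
        byte[] blob = Arrays.copyOf(head, head.length + ct.length + TAG);
        System.arraycopy(ct, 0, blob, head.length, ct.length);
        System.arraycopy(hmac(k[1], blob, blob.length - TAG), 0, blob, blob.length - TAG, TAG);
        return blob;
    }
    // The MAC is checked before decryption, so a wrong passphrase or tampering fails here.
    public static byte[] open(char[] pass, byte[] blob) throws GeneralSecurityException {
        if (blob.length < SALT + IV + TAG) throw new GeneralSecurityException("blob too short");
        byte[][] k = keys(pass, Arrays.copyOf(blob, SALT));
        int body = blob.length - TAG;
        if (!MessageDigest.isEqual(hmac(k[1], blob, body), Arrays.copyOfRange(blob, body, blob.length)))
            throw new GeneralSecurityException("wrong passphrase or modified blob");
        return aes(Cipher.DECRYPT_MODE, k[0], blob).doFinal(blob, SALT + IV, body - SALT - IV);
    }
    public static void main(String[] args) throws Exception { // sample inputs are constructed
        byte[] blob = seal("constructed passphrase".toCharArray(), "stored-password".getBytes("UTF-8"));
        System.out.println(new String(open("constructed passphrase".toCharArray(), blob), "UTF-8"));
    }
}
```

Only the salt, IV, ciphertext and MAC are written to storage, so the protection is exactly as strong as the passphrase and the iteration count, which is the threat-model trade-off the answer describes.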
I'm developing a parental app which restricts outgoing calls to limited defined numbers.
I need to set a password for the app log in and is it possible to set a password which can be set to control the process of uninstall of this application.
I had gone through some of the links, but haven't reached any conclusion.
LINK 1
LINK 2
These cannot serve my purpose... that's also not a solution.
Can anybody tell how exactly to add a watcher to serve this purpose?
is it possible to set a password which can be set to control the process of uninstall of this application.
You are welcome to create your own custom firmware that contains your application, and install that firmware on whatever devices you are allowed to. Your application then cannot be uninstalled.
Android SDK applications cannot "control the process of uninstall".
A customer ordered a tablet application from us, but they need a lot of access restrictions to lock device functions, such as:
Permit data transfer only inside the application, not outside
Restricted user access on the device (something close to admin and normal user permissions)
A framework/API that permits creating an internal mail reader/sender
The public API of iOS makes it impossible to fulfill those requirements. I was wondering if Android makes life easier when there are those kinds of restrictions.
UPDATE: To make the field of use easier to understand: I'm talking about an application that "forces" the device to be used only with that application, for enterprise use. The app is just like a CRM, but the device should be blocked in some functions to make users only work with them and NOT play or use Facebook, Market, etc.
Not sure you can achieve all of those, but you should look into the device policy for Android here and here.
1) Not sure what you mean by point 1. If you mean controlling all data transfer from the device, you might be in a bind considering the only way to get a firewall running on Android is by rooting the device. Perhaps you could look into writing a custom launcher/home like KidZone that only shows approved apps? - Not nearly as secure, though.
2) Honeycomb, so far, doesn't have multi-user support - though you can have multiple Google accounts registered. The custom launcher could help in this regard though.
3) I don't see the point of doing this unless they already have a custom mail infrastructure in place. Otherwise just go with Exchange.
Permit data transfer only inside the application, not outside
Do not request the INTERNET permission.
Restricted user access on the device (something close to admin and normal user permissions)
You would have to implement this yourself.
A framework/API that permits creating an internal mail reader/sender
I have no idea what this means.