Android Fingerprint Authentication
Gabriel Bernardo Pereira
gabeira@gmail.com
Me
Senior Android Developer
● Team Leader
● Tech Leader
● iOS Developer
● QA
● Business Analyst
● Java2 ME
linkedin.com/in/gabeira
What to expect
● Problem / Solutions
● Alternative implementations
● Native Google Support
● UI Guidelines
● Requirements / Implementation
● Cryptography
● Best Practices
● Google Sample and live Code (if we have time)
Reference:
androidauthority.com/how-to-add-fingerprint-authentication-to-your-android-app-747304
https://www.wired.com/story/android-unlock-pattern-or-pin/
Biometrics
https://www.howtogeek.com/226689/how-to-improve-fingerprint-recognition-with-touch-id/
developer.samsung.com/galaxy/pass
slideshare.net/SamsungBusinessUSA/how-to-use-samsung-pass-to-replace-your-passwords
developer.android.com/about/versions/marshmallow/android-6.0.html
UI Guidelines
material.io/guidelines/patterns/fingerprint.html
Requirements
● Device supports fingerprint
○ fingerprintManager.isHardwareDetected()
● Android version supported
○ Build.VERSION.SDK_INT >= Build.VERSION_CODES.M
● Fingerprint enabled
○ ActivityCompat.checkSelfPermission(this, Manifest.permission.USE_FINGERPRINT) == PackageManager.PERMISSION_GRANTED
● Fingerprint configured
○ fingerprintManager.hasEnrolledFingerprints()
● The lockscreen is secured
○ keyguardManager.isKeyguardSecure()
How to implement
Fingerprint Handler
Cryptography
● KeyStore
● KeyGenerator
● Cipher
● CryptoObject
docs.oracle.com/javase/7/docs/technotes/guides/security/crypto/CryptoSpec.html
Generate new secret Key
keyStore = KeyStore.getInstance("AndroidKeyStore")
val keyGenerator = KeyGenerator.getInstance(
    KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore")
keyStore.load(null)
keyGenerator.init(
    KeyGenParameterSpec.Builder(KEY_NAME,
            KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT)
        .setBlockModes(KeyProperties.BLOCK_MODE_CBC)
        // Configure this key so that the user has to confirm identity with fingerprint each time they use it
        .setUserAuthenticationRequired(true)
        .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
        .build())
keyGenerator.generateKey()
Cipher
● Used for encrypting/decrypting data
● Supports various types of algorithms:
○ Symmetric bulk encryption (e.g. AES)
○ Asymmetric encryption (e.g. RSA)
○ Password-based encryption (e.g. PBE)
How to init Cipher
cipher = Cipher.getInstance(
    KeyProperties.KEY_ALGORITHM_AES + "/"
        + KeyProperties.BLOCK_MODE_CBC + "/"
        + KeyProperties.ENCRYPTION_PADDING_PKCS7)
keyStore.load(null)
val key = keyStore.getKey(KEY_NAME, null) as SecretKey
cipher.init(Cipher.ENCRYPT_MODE, key)
Create CryptoObject with cipher
val cryptoObject = FingerprintManager.CryptoObject(cipher)
val helper = FingerprintHandler(this)
helper.startAuth(fingerprintManager, cryptoObject)
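Added example, not taken from the original slides or the linked repositories: the cipher initialisation and CryptoObject steps above, extended to handle a key that was invalidated (a new fingerprint was enrolled or the secure lock screen was removed) and to use the unlocked cipher inside the success callback. The alias value and the names initCipherOrNull, startFingerprintAuth, onResult and onFailure are assumptions; the caller must already hold the USE_FINGERPRINT permission.

```kotlin
import android.hardware.fingerprint.FingerprintManager
import android.os.CancellationSignal
import android.security.keystore.KeyPermanentlyInvalidatedException
import java.security.KeyStore
import javax.crypto.Cipher
import javax.crypto.SecretKey

const val KEY_NAME = "example_fingerprint_key" // assumed alias; the slides only name the constant
// Returns a cipher for the fingerprint-gated key, or null if the key is missing or invalidated.
fun initCipherOrNull(): Cipher? {
    val keyStore = KeyStore.getInstance("AndroidKeyStore").apply { load(null) }
    val key = keyStore.getKey(KEY_NAME, null) as? SecretKey ?: return null
    val cipher = Cipher.getInstance("AES/CBC/PKCS7Padding") // same transformation as the slides
    return try {
        cipher.init(Cipher.ENCRYPT_MODE, key)
        cipher
    } catch (e: KeyPermanentlyInvalidatedException) {
        // Enrollment or lock screen changed: drop the key; the caller falls back and re-enrolls.
        keyStore.deleteEntry(KEY_NAME)
        null
    }
}

// Hypothetical helper: listens for a fingerprint and encrypts `secret` with the unlocked key.
fun startFingerprintAuth(
    fingerprintManager: FingerprintManager,
    cipher: Cipher,
    secret: ByteArray,
    cancel: CancellationSignal,
    onResult: (iv: ByteArray, ciphertext: ByteArray) -> Unit,
    onFailure: (CharSequence) -> Unit
) {
    val callback = object : FingerprintManager.AuthenticationCallback() {
        override fun onAuthenticationSucceeded(result: FingerprintManager.AuthenticationResult) {
            val c = result.cryptoObject?.cipher ?: return onFailure("No cipher attached to result")
            try {
                // doFinal() only works if the keystore accepted the fingerprint for this key,
                // so success depends on the crypto operation, not just on this callback firing.
                onResult(c.iv, c.doFinal(secret))
            } catch (e: Exception) {
                onFailure("Key could not be used: ${e.javaClass.simpleName}")
            }
        }
        override fun onAuthenticationError(errorCode: Int, errString: CharSequence) = onFailure(errString)
        override fun onAuthenticationFailed() = onFailure("Fingerprint not recognised")
    }
    fingerprintManager.authenticate(FingerprintManager.CryptoObject(cipher), cancel, 0, callback, null)
}
```

When initCipherOrNull() returns null, fall back to the alternate authentication method and generate a new key before offering fingerprint login again.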
Best practices
● Consider backwards compatibility;
● Provide alternate methods of authentication;
● Clearly indicate when your app is “listening” for user input;
● If the device cannot support fingerprint authentication, then explain why;
● Provide the user with plenty of feedback.
Google Dialog Sample
github.com/googlesamples/android-FingerprintDialog
Let's Code (baby steps)
github.com/gabeira/FingerprintKotlin
Available on Slideshare