Fingerprint Authentication with BiometricPrompt

Dhanesh Shetty
Published in ACM VIT, May 18, 2020

With the advancement of mobile phone technologies and cloud-based services, a mobile phone now holds highly sensitive and confidential information. This calls for stronger security on mobile devices. Authentication using a PIN, pattern, password or fingerprint lock plays a major role in securing the information on our smartphones.

It has now become a trend to add fingerprint authentication to apps. Fingerprints reduce friction compared to a PIN, pattern or password but still provide the same level of security.

BiometricPrompt is a new API introduced with the release of Android Pie, deprecating FingerprintManager. BiometricPrompt provides a consistent user interface across all apps and also makes authentication easy.

Figure: The authentication dialog box in Android Pie and greater (right) and in lower versions (left)

Time to Code! {

Open Android Studio and create a New Project.

Select Empty Activity.

Add the dependency to the app-level build.gradle file:

implementation 'androidx.biometric:biometric:1.0.1'

Set the permission in AndroidManifest.xml to use biometric information and sensors:

<uses-permission android:name="android.permission.USE_BIOMETRIC"
android:requiredFeature="false"/>

The requiredFeature attribute specifies whether biometrics are a required feature for installing the app. Setting it to false allows the app to be installed on phones that do not have the fingerprint feature as well.

Write this in your activity_main.xml

This code creates a layout with a button in the center. This button triggers biometric authentication when clicked.

Set BiometricPrompt PromptInfo

Set the info to be displayed in the authentication dialog

The negative button cancels authentication.

.setDeviceCredentialAllowed(true) can be used to allow the use of PINs, passwords or patterns. If setDeviceCredentialAllowed(true) is used, there can be no negative button. Using device credentials is recommended, as it improves the user experience in case there is some problem with the hardware. Thus, BiometricPrompt can be used for authentication even if there is no hardware.

Verify if the device supports Fingerprint Authentication

This method checks whether authentication is possible. If fingerprint authentication is possible (case BiometricManager.BIOMETRIC_SUCCESS), the authentication call is made with:

BiometricPrompt.PromptInfo promptInfo = buildBiometricPrompt();
biometricPrompt.authenticate(promptInfo);

The checks are not required if .setDeviceCredentialAllowed(true) is used, as other authentication methods set on the device, such as a pattern or PIN, will be used if the hardware is not detected. In that case the authentication call can be made directly.

Define Authentication Callbacks

Override the callback methods with the actions to be performed on successful authentication or in case of an error.

The onCreate Method

The executor provides a separate thread for the biometric authentication to take place. The BiometricPrompt is created by passing the context, the executor and the callback. An onClickListener is set on the button, and it calls the checkAndAuthenticate function.

The MainActivity.java looks like this
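The steps above assembled into one activity, as an added example (not the author's original listing). It assumes a button with the hypothetical id authButton in activity_main.xml, Java 8 lambda support, and a made-up package name and UI strings; it swaps in the main-thread executor so the callbacks can show a Toast directly.

```java
package com.example.biometricdemo; // hypothetical package name
import android.os.Bundle;
import android.widget.Toast;
import androidx.annotation.NonNull;
import androidx.appcompat.app.AppCompatActivity;
import androidx.biometric.BiometricManager;
import androidx.biometric.BiometricPrompt;
import androidx.core.content.ContextCompat;

public class MainActivity extends AppCompatActivity {
    private BiometricPrompt biometricPrompt;
    @Override protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        biometricPrompt = new BiometricPrompt(this, ContextCompat.getMainExecutor(this), // UI thread
                new BiometricPrompt.AuthenticationCallback() {
            @Override public void onAuthenticationSucceeded(
                    @NonNull BiometricPrompt.AuthenticationResult result) {
                show("Authenticated"); // only this callback should unlock protected content
            }
            @Override public void onAuthenticationError(int code, @NonNull CharSequence msg) {
                show("Error " + code + ": " + msg); // user cancelled, lockout, hardware error
            }
            @Override public void onAuthenticationFailed() { show("Fingerprint not recognised"); }
        });
        findViewById(R.id.authButton).setOnClickListener(v -> checkAndAuthenticate()); // assumed id
    }

    private BiometricPrompt.PromptInfo buildBiometricPrompt() {
        return new BiometricPrompt.PromptInfo.Builder()
                .setTitle("Login")
                .setNegativeButtonText("Cancel") // remove when using setDeviceCredentialAllowed(true)
                .build(); // rejects a prompt that sets both, or neither, of the two options
    }

    private void checkAndAuthenticate() {
        switch (BiometricManager.from(this).canAuthenticate()) {
            case BiometricManager.BIOMETRIC_SUCCESS:
                biometricPrompt.authenticate(buildBiometricPrompt());
                break;
            case BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED:
                show("No fingerprint enrolled; add one in device settings");
                break;
            default: // BIOMETRIC_ERROR_NO_HARDWARE or BIOMETRIC_ERROR_HW_UNAVAILABLE
                show("Biometric hardware is missing or unavailable");
        }
    }
    private void show(String text) { Toast.makeText(this, text, Toast.LENGTH_SHORT).show(); }
}
```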

} ..and we’re done! Now hit the Run App Button and wait till it installs onto your device.
