DevCNairobi
Published in

DevCNairobi

Create a simple Fingerprint Auth app

Fingerprint authentication has further enhanced the security of our phones and apps. As introduced in Android Marshmallow 6.0, fingerprint authentication offers a quick and convenient way of authenticating a user’s identity. In this post we will be building a simple fingerprint authentication app from scratch.

Set up your project

Create a new Android project with an empty activity and name it FingerprintAuth, and set minimum Android version to Marshmallow 6.0.

Creating the layout

We are going to use a single activity that simply prompts the user to place their fingerprint on the scanner. Head over to your activity_main.xml and let’s design our layout. We are going to need a vector asset for this to show the fingerprint. So right click on drawable and click on New->Vector Asset and choose fingerprint.

Fingerprint icon
Fingerprint icon

The layout should be similar to this:

Layout for our app

Prerequisites for Fingerprint Auth

For our app to work some checks and features need to be passed. We will add them in our MainActivity.

  • Android version should be greater than or equal to Marshmallow.
  • Your Android device should have a fingerprint scanner. You can declare that your app requires a fingerprint sensor by adding <uses-feature android:name=”android.hardware.fingerprint”
    android:required=”true”/>
    to your AndroidManifest. You can set it to false if you want, but is not a requirement.
  • Android permission USE_FINGERPRINT should be passed in the Manifest.
  • The lock screen should be secured with at least one type of security authentication: pin, pattern etc.
  • At least one fingerprint should be registered on the user’s phone.

In your AndroidManifest add the fingerprint permission:

<uses-permission android:name=”android.permission.USE_FINGERPRINT” />

MainActivity

For our MainActivity.java file we are going to implement the prerequisites above using if else statements.

In the code snippet above, we have a generateKey() method that generates a Keystore instance. The Android Keystore system lets you store cryptographic keys in a container to make it more difficult to extract from the device. Once keys are in the keystore, they can be used for cryptographic operations with the key material remaining non-exportable. This system protects key material from unauthorized use. The use of a CryptoObject in this case is to know if a new fingerprint was added since the last time the user added a fingerprint.

Helper class

In our MainActivity, there is a class called FingerprintHandler. This class will be responsible for handling our callbacks and checking whether the authentication is successful or not.

The authentication methods display an error or success message based upon the fingerprint input. The update() method makes changes to the user interface displaying different text colors as well as a success message upon fingerprint input. Therefore we should import another vector asset to show success.

checkmark to display done
Checkmark to display success

Testing our app

Considering you’ve registered a fingerprint on your Android device in Settings, you should be ready to test. If you are using an emulator to emulate touch events use this command below:

adb -e emu finger touch <finger_id>

On Windows, you may have to run telnet 127.0.0.1 <emulator-id> followed by finger touch <finger_id>.

If you scan a finger that is not registered you should get an Authentication error message that we set for our TextView.

Authentication failed

For successful input our screen should be similar to this:

Access granted

This post offers the simple steps to integrate Fingerprint authentication in your apps. I have hosted this project on Github. There’s plenty of things I haven’t touched on yet when integrating this but basically it is that simple. There’s a new BiometricPrompt API that takes after the FingerprintManager API as well. We can engage more in the comments and on Twitter as well.

--

--

--

Developer Circle: Nairobi

Recommended from Medium

Android 104 : Do we really need Kotlin Coroutines?

How to fix cmdline-tools component is missing in android studio?

How to fix cmdline-tools component is missing in android studio?

The suspend modifier — Under the hood

Android Tab Layout using Fragments and ViewPager | Android Studio | Java

Coroutines: First things first

Flutter java.lang.RuntimeException: java.lang.RuntimeException: Duplicate class

Coroutines & Patterns for work that shouldn’t be cancelled

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Licio Lentimo

Licio Lentimo

I write content on Android and Web technologies. Currently focusing on Cybersecurity. Find me on liciolentimo.com

More from Medium

Twilio Android Client + Google Speech API

Firebase Remote Config for app updates in Android

Adventures in customizing background Firebase notifications on Android

Using custom keystore in android gradle