Create a simple Fingerprint Auth app

Fingerprint authentication has further enhanced the security of our phones and apps. As introduced in Android Marshmallow 6.0, fingerprint authentication offers a quick and convenient way of authenticating a user’s identity. In this post we will be building a simple fingerprint authentication app from scratch.

Set up your project

Create a new Android project with an empty activity and name it FingerprintAuth, and set minimum Android version to Marshmallow 6.0.

Creating the layout

We are going to use a single activity that simply prompts the user to place their fingerprint on the scanner. Head over to your activity_main.xml and let’s design our layout. We are going to need a vector asset for this to show the fingerprint. So right click on drawable and click on New->Vector Asset and choose fingerprint.

Fingerprint icon

The layout should be similar to this:

Layout for our app

Prerequisites for Fingerprint Auth

For our app to work some checks and features need to be passed. We will add them in our MainActivity.

• Android version should be greater than or equal to Marshmallow.
• Your Android device should have a fingerprint scanner. You can declare that your app requires a fingerprint sensor by adding <uses-feature android:name=”android.hardware.fingerprint”
android:required=”true”/> to your AndroidManifest. You can set it to false if you want, but is not a requirement.
• Android permission USE_FINGERPRINT should be passed in the Manifest.
• The lock screen should be secured with at least one type of security authentication: pin, pattern etc.
• At least one fingerprint should be registered on the user’s phone.

In your AndroidManifest add the fingerprint permission:

<uses-permission android:name=”android.permission.USE_FINGERPRINT” />

MainActivity

For our MainActivity.java file we are going to implement the prerequisites above using if else statements.

In the code snippet above, we have a generateKey() method that generates a Keystore instance. The Android Keystore system lets you store cryptographic keys in a container to make it more difficult to extract from the device. Once keys are in the keystore, they can be used for cryptographic operations with the key material remaining non-exportable. This system protects key material from unauthorized use. The use of a CryptoObject in this case is to know if a new fingerprint was added since the last time the user added a fingerprint.

Helper class

In our MainActivity, there is a class called FingerprintHandler. This class will be responsible for handling our callbacks and checking whether the authentication is successful or not.

The authentication methods display an error or success message based upon the fingerprint input. The update() method makes changes to the user interface displaying different text colors as well as a success message upon fingerprint input. Therefore we should import another vector asset to show success.

Checkmark to display success

Testing our app

Considering you’ve registered a fingerprint on your Android device in Settings, you should be ready to test. If you are using an emulator to emulate touch events use this command below:

adb -e emu finger touch <finger_id>

On Windows, you may have to run telnet 127.0.0.1 <emulator-id> followed by finger touch <finger_id>.

If you scan a finger that is not registered you should get an Authentication error message that we set for our TextView.

Authentication failed

For successful input our screen should be similar to this:

Access granted

This post offers the simple steps to integrate Fingerprint authentication in your apps. I have hosted this project on Github. There’s plenty of things I haven’t touched on yet when integrating this but basically it is that simple. There’s a new BiometricPrompt API that takes after the FingerprintManager API as well. We can engage more in the comments and on Twitter as well.