At the release of API level 23+, Google introduced the fingerprint authentication in Android. Using a fingerprint to unlock a phone in the mobile application becoming more popular day-by-day. It is user-friendly and most important user don’t need to remember the password every time in order to login to your application. With the release of Android 6.0, Google also introduced FingerprintManager official API to handle fingerprint authentication. But, in Android 9.0(P) it is deprecated and releases a new API called BiometricPrompt (android.hardware.biometrics.BiometricPrompt).

Question: Does it means we have to use the FingerprintManager from Android 23+ to 28 and BiometricPrompt in Android P?

Answer: No, Google also introduced a library androidx.biometric:biometric for developers which support all devices have fingerprint authentication hardware in it. By the way, this library is in alpha version.

So, enough of this BiometricPrompt library intro let’s dive into AndroidStudio and write some awesome code.

Adding the Dependency

To use androidx…BiometricPrompt we need to first add the dependency into our app\build.gradle file.

Add USE_BIOMETRIC Permission

We also need to add the following dependency into our AndroidManifest.xml file in order to access the fingerprint hardware.

When you declare android:requiredFeature="true" you’re specifying that the application will not work on devices which don’t have a fingerprint sensor. If you didn’t mention android:requiredFeature="false" it will take as true.

Note: You don’t need to specifically ask for USE_BIOMETRIC permission like we do when we need to access the device camera, storage, location, etc. Well, that’s because USE_BIOMETRIC protection level is normal.

When using the new BiometricPrompt API within your application, it will be shown like this:

Looks pretty awesome!

Before start building the BiometricPrompt dialog for fingerprint authentication, we need to check out some preconditions.

Preconditions For BiometricPrompt (Fingerprint Authentication)

  • isHardwareDetected: We need to check if the device has a fingerprint hardware sensor in the device.

You can skip the above condition if you marked android.hardware.fingerprint as required=true in your AndroidManifest.xml file.

  • hasEnrolledFingerprint: Determine that there any fingerprint registered in the current device. If not then we need to tell the user to first add a fingerprint.
  • sdkVersionSupported: Check if the android version is greater than Marshmallow since fingerprint authentication is only supported from Android 6.0.

If your project’s minSdkVersion is 23 or higher, then you won’t need to perform the above check.

Building A BiometricPrompt.PromptInfo Dialog instance

We can create new BiometricPrompt.PromptInfo instance by making use of a handy builder that comes with a class.

We can only customize the title, subtitle, description, and negative button text with the builder method when creating an instance for BiometricPrompt info dialog.

Note: You cannot customize the icon and error message which we’ve seen in the above demo.

Start Authenticating The User

The above biometric prompt info dialog did nothing unless we start the authentication when a user touches the fingerprint sensor. This can be made like so:

The above authenticate function to display the fingerprint authentication when a user clicks on a button.

Note: You can also pass CryptoObject as a second parameter for the authenticate function.

Building A BiometricPrompt Instance

We can create the BiometricPrompt instance by using the public constructor provided by androidx.biometric…BiometricPrompt API.

Here’s the explanation of the above code.

  1. The BiometricPrompt.AuthenticationCallback to listen for authentication events from the users. It has three methods in it.
  2. The onAuthenticationError method will be called when the scan was not performed properly without success, then this method will be triggered. The errorCode will describe what has gone wrong. You can see all the available errorCode constants at this link.
  3. Cancels the BiometricPrompt authentication when the user presses the negative button.
  4. The scan was performed successfully and user biometric recognized.
  5. The onAuthenticationFailed function will be called when the fingerprint is valid but not recognized due to an error.
  6. If you pass the background thread executor then all the AuthenticationCallback methods will be triggered in the background. And, if you pass the MainThread executor then all methods will be triggered in the main thread.
  7. Creating the BiometricPrompt with the publically available method.

Limitations with fingerprint authentication (Android)

  • There are some devices like Samsung Galaxy S8 running Android Pie have multiple biometrics in it like Fingerprint, Iris, Face recognition. Now if you try open BiometricPrompt.PromptInfo dialog it’ll open user-preferred biometric instead of a fingerprint. Currently, there’s no way to tell the dialog that we need some specific biometric. You can follow this Google issue tracker for more update.
  • There’s no way to get the raw fingerprint or any biometric data after the successful scan.

Conclusion

The BiometricPrompt show its own UI provided by Android OS framework. It is easier for the developer just to use the same code for a different version of Android from 23 to 28+. BiometricPrompt supports Fingerprint, Face and Iris recognition also. You can also skip the CryptoObject for fingerprint authentication.

I hope, I educate you at some point for fingerprint authentication when working with BiometricPrompt. If you’ve any queries please do comment below. You can get the complete code of the above application from the GitHub.

Thank you for being here and keep reading…

You may like

Author

Write A Comment