8
votes

Here's the workflow from iOS that I'm trying to achieve on Android:

  1. User starts app for the first time and logs in successfully with credentials (sent to API for validation).
  2. Prompt shows asking to enroll with Touch ID
  3. User chooses YES => Username/Password is stored into Keychain
  4. User logs out, closes, and restarts the app.
  5. Prompt shows asking to use Fingerprint to authenticate
  6. User uses Fingerprint to authenticate => Username/Password are retrieved from Keychain and then sent to the API

Is there an Android equivalent of iOS's Keychain API? From what I've read the Keystore seems to only be able to store Keys and Certificates.

1
Go through the below Stack Overflow question and try to get the answer. The link is stackoverflow.com/questions/2411281/… - BalajiG
@BalajiG Thanks, but those posts are dated back to 2010. I think a lot has changed in the Android landscape since then. It looks like there's another post here: stackoverflow.com/questions/4897774/…. Even after generating the key pairs and then using them to encrypt credentials, where do you store the encrypted data? - Android Noob
Now that I think about it, how do those Android apps like Dashlane do their touch id?? - Android Noob
@AndroidNoob did you get a resolution to this? I too have a similar requirement and need to understand this. - FlashAsh99
@FlashAsh99 I ended up encrypting the credentials using KeyStore and storing the encrypted credentials into SharedPreferences. - Android Noob
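
The approach named in the last comment above (a KeyStore key encrypting the credentials, with the ciphertext kept in SharedPreferences), sketched in Kotlin as an added example that is not code from anyone in this thread. The alias, preferences file name and function names are hypothetical. It assumes API 23+ and a device with an enrolled fingerprint, and the fingerprint prompt itself (which receives the cipher wrapped in a `CryptoObject`) is left out.

```kotlin
import android.content.Context
import android.security.keystore.KeyGenParameterSpec
import android.security.keystore.KeyPermanentlyInvalidatedException
import android.security.keystore.KeyProperties
import android.util.Base64
import java.security.KeyStore
import javax.crypto.Cipher
import javax.crypto.KeyGenerator
import javax.crypto.SecretKey
import javax.crypto.spec.GCMParameterSpec

private const val ALIAS = "credential_key" // hypothetical alias; key never leaves the Keystore
private fun keyStore() = KeyStore.getInstance("AndroidKeyStore").apply { load(null) }
private fun prefs(ctx: Context) = ctx.getSharedPreferences("credential_store", Context.MODE_PRIVATE)
private fun b64(b: ByteArray) = Base64.encodeToString(b, Base64.NO_WRAP)

// AES-GCM key that is unusable until the user passes a fingerprint prompt, on every use.
private fun key(): SecretKey = keyStore().getKey(ALIAS, null) as? SecretKey
    ?: KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore").run {
        init(KeyGenParameterSpec.Builder(ALIAS,
                KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT)
            .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
            .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
            .setUserAuthenticationRequired(true).build())
        generateKey()
    }
// Enrolment (step 3): hand this cipher to the fingerprint prompt inside a CryptoObject.
fun enrollCipher(): Cipher =
    Cipher.getInstance("AES/GCM/NoPadding").apply { init(Cipher.ENCRYPT_MODE, key()) }
// After a successful scan: only the IV and ciphertext reach SharedPreferences.
fun saveCredentials(ctx: Context, authed: Cipher, user: String, password: String) {
    val ct = authed.doFinal("$user\n$password".toByteArray(Charsets.UTF_8))
    prefs(ctx).edit().putString("iv", b64(authed.iv)).putString("ct", b64(ct)).apply()
}
// Login (step 5): null = nothing stored, or key invalidated (e.g. new fingerprint enrolled).
fun loginCipher(ctx: Context): Cipher? = try {
    prefs(ctx).getString("iv", null)?.let { iv ->
        Cipher.getInstance("AES/GCM/NoPadding").apply {
            init(Cipher.DECRYPT_MODE, key(), GCMParameterSpec(128, Base64.decode(iv, Base64.NO_WRAP)))
        }
    }
} catch (e: KeyPermanentlyInvalidatedException) {
    keyStore().deleteEntry(ALIAS); prefs(ctx).edit().clear().apply(); null
}
// Step 6: decrypt with the cipher the prompt returned; yields username to password.
fun loadCredentials(ctx: Context, authed: Cipher): Pair<String, String> {
    val ct = Base64.decode(requireNotNull(prefs(ctx).getString("ct", null)), Base64.NO_WRAP)
    return String(authed.doFinal(ct), Charsets.UTF_8).split("\n", limit = 2).let { it[0] to it[1] }
}
```

When `loginCipher` returns null the app should show the normal username/password form and offer enrolment again after a successful login.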

1 Answer

0
votes

Here it is:

By integrating Smart Lock for Passwords into your Android app, you can automatically sign users in to your app using the credentials they have saved. Users can save both username-password credentials and federated identity provider credentials.

Integrate Smart Lock for Passwords into your app by using the Credentials API to retrieve saved credentials on sign-in. Use successfully retrieved credentials to sign the user in, or use the Credentials API to rapidly on-board new users by partially completing your app's sign in or sign up form. Prompt users after sign-in or sign-up to store their credentials for future automatic authentication.

https://developers.google.com/identity/smartlock-passwords/android/