Implementation of Android Fingerprint technology

0
votes

I'm not sure if this is the right place to ask for flow-related question. Do guide me if you're aware of a better section.

I'm currently doing a web based system for multiple organizations, so on my login form, there's 3 simple field:

  1. Company code, such as CNN (so we can have same username, as long as they work in different company)
  2. Username, such as james
  3. Password

Now we are actually studying on the fingerprint authentication technology, on how it could help above.

Our assumption is below:

  1. On our app, we provide user a registration screen, instead of username/password, they tap their thumb on the form, so we can get something, maybe a lengthy random string, which represents the thumbprint, then we pass this code to server, along with his profile, and registration completes.
  2. Above repeats for thousands of our other users.
  3. A user came to our app login screen, we show them a scanner, they put their thumbs on it, we send the retrieved fingerprint code, and send to server for a matching comparison, then we authenticate this user.

But from what we studied, it seems that the fingerprint SDK doesn't works this way, it simply authenticate if the user is the owner of the phone, and it does not provide us a code or something to represents the fingerprint.

Can anyone with experience in developing a working/deployed fingerprint app, share with me how does fingerprint helps in authenticating your user?

Thank you.

1
androidauthenticationfingerprint
You are right about Android fingerprint SDK. Anyway you can use external fingerprint sensor and it's SDK like that.Andrii Omelchenko
@AndriiOmelchenko thanks Andrii, but we are reluctant to use third party SDK, in this case, does it means using Android SDK, what we can do is just provide an interface to user, to bind the thumbprint with a set of username/password, so in future, all it does is using the thumbprint in login screen, to retrieve the username/password stored, then pass to server?Chor Wai Chun
"in this case" means external fingerprint sensor?Andrii Omelchenko
@AndriiOmelchenko nope, sorry I mean in this case if we use Android's internal SDKChor Wai Chun

1 Answers

1
votes

you should add this line in your manifest.xml - <uses-feature android:name="android.hardware.fingerprint" android:required="false" />

Here is the code sample to show fingerprint dialog and get result from user interaction:

    private void showFingerPrintDialog() {
    final FingerprintDialogBuilder dialogBuilder = new FingerprintDialogBuilder(ContextInstance)
            .setTitle(R.string.fingerprint_dialog_title)
            .setSubtitle(R.string.fingerprint_dialog_subtitle)
            .setDescription(R.string.fingerprint_dialog_description)
            .setNegativeButton(R.string.cancel);
    dialogBuilder.show(getSupportFragmentManager(), new AuthenticationCallback() {
        @Override
        public void fingerprintAuthenticationNotSupported() {
            Log.d(TAG, "fingerprintAuthenticationNotSupported: ");
        }

        @Override
        public void hasNoFingerprintEnrolled() {
            Log.d(TAG, "hasNoFingerprintEnrolled: ");
        }

        @Override
        public void onAuthenticationError(int errorCode, @Nullable CharSequence errString) {
            Log.d(TAG, "onAuthenticationError: ");
        }

        @Override
        public void onAuthenticationHelp(int helpCode, @Nullable CharSequence helpString) {
            Log.d(TAG, "onAuthenticationHelp: ");
        }

        @Override
        public void authenticationCanceledByUser() {
            Log.d(TAG, "authenticationCanceledByUser: ");
        }

        @Override
        public void onAuthenticationSucceeded() {
            Log.d(TAG, "onAuthenticationSucceeded: ");
            /*SaveResult in db or preference*/
        }

        @Override
        public void onAuthenticationFailed() {
            Log.d(TAG, "onAuthenticationFailed: ");
        }
    });
}