Reputation: 93
Android fingerprint detect new finger added
How to detect if the user add new fingerprint to Android settings after he/she authenticate finger inside my application ?
i.e. iOS have something called (evaluatedPolicyDomainState) to detect changes in fingerprint catalog what is the alternative in Android ?
This require for security reasons to prompt password in this case
Upvotes: 8
Views: 22210
Answers (5)
Reputation: 1
private String getFingerprintInfo(Context context) throws NoSuchMethodException, IllegalAccessException, InvocationTargetException, ClassNotFoundException {
FingerprintManager fingerprintManager = (FingerprintManager) context.getSystemService(Context.FINGERPRINT_SERVICE);
Method method = FingerprintManager.class.getDeclaredMethod("getEnrolledFingerprints");
Object obj = method.invoke(fingerprintManager);
String allFingerPrintInfo = "";
if (obj != null) {
Class<?> clazz = Class.forName("android.hardware.fingerprint.Fingerprint");
for (int i = 0; i < ((List) obj).size(); i++) {
Object fingerPrint = ((List) obj).get(i);
if (fingerPrint != null) {
String fingerPrintInfo = "";
if (Build.VERSION.SDK_INT > Build.VERSION_CODES.P) {
Parcel p = Parcel.obtain();
p.setDataPosition(0);
// Method writeToParcel = clazz.getDeclaredMethod("writeToParcel", Parcel.class, Integer.class);
clazz.getDeclaredMethods()[1].invoke(fingerPrint, p, 0);
p.setDataPosition(0);
fingerPrintInfo = p.readString() + "_" + p.readInt() + "_" + p.readLong();
} else {
Method getFingerId = clazz.getDeclaredMethod("getFingerId");
fingerPrintInfo = (String) getFingerId.invoke(fingerPrint);
}
allFingerPrintInfo += fingerPrintInfo + "*";
}
}
}
return allFingerPrintInfo;
}
Upvotes: 0
Reputation: 4907
/**
* Generate NIST P-256 EC Key pair for signing and verification
*
* @param keyName
* @param invalidatedByBiometricEnrollment
* @return
* @throws Exception
*/
@TargetApi(Build.VERSION_CODES.P)
private KeyPair generateKeyPair(String keyName, boolean invalidatedByBiometricEnrollment) throws Exception {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore");
KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(keyName,
KeyProperties.PURPOSE_SIGN)
.setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1"))
.setDigests(KeyProperties.DIGEST_SHA256,
KeyProperties.DIGEST_SHA384,
KeyProperties.DIGEST_SHA512)
// Require the user to authenticate with a biometric to authorize every use of the key
.setUserAuthenticationRequired(true)
.setInvalidatedByBiometricEnrollment(invalidatedByBiometricEnrollment);
keyPairGenerator.initialize(builder.build());
return keyPairGenerator.generateKeyPair();
}
Upvotes: -1
Reputation: 59
I can get all finger id in integers.
private void getFingerprintInfo(Context context)
{
try {
FingerprintManager fingerprintManager = (FingerprintManager) context.getSystemService(Context.FINGERPRINT_SERVICE);
Method method = FingerprintManager.class.getDeclaredMethod("getEnrolledFingerprints");
Object obj = method.invoke(fingerprintManager);
if (obj != null) {
Class<?> clazz = Class.forName("android.hardware.fingerprint.Fingerprint");
Method getFingerId = clazz.getDeclaredMethod("getFingerId");
for (int i = 0; i < ((List) obj).size(); i++)
{
Object item = ((List) obj).get(i);
if(item != null)
{
System.out.println("fkie4. fingerId: " + getFingerId.invoke(item));
}
}
}
} catch (NoSuchMethodException | IllegalAccessException | InvocationTargetException | ClassNotFoundException e) {
e.printStackTrace();
}
}
please refer to this: https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/hardware/fingerprint/Fingerprint.java
there is a public method getFingerId( ), but it is not available for us to call because it has "@UnsupportedAppUsage".
so you need to use reflection to call the method. after you get a list of fingerprint id, you can encrypt them and store in sharedPreference.
Finger id is the id of the fingerprints stored in setting
After you get all finger ids, you can determine if user has added/deleted a fingerprint.
No need to count on the KeyPermanentlyInvalidatedException. It is not thrown in Android 8.0
Good luck!!!...
don't believe google did such a poor job
Upvotes: 2
Reputation: 58517
From the documentation for setUserAuthenticationRequired:
The key will become irreversibly invalidated once the secure lock screen is disabled (reconfigured to None, Swipe or other mode which does not authenticate the user) or when the secure lock screen is forcibly reset (e.g., by a Device Administrator). Additionally, if the key requires that user authentication takes place for every use of the key, it is also irreversibly invalidated once a new fingerprint is enrolled or once no more fingerprints are enrolled, unless
setInvalidatedByBiometricEnrollment(boolean)is used to allow validity after enrollment. Attempts to initialize cryptographic operations using such keys will throw KeyPermanentlyInvalidatedException.
So to check if any new fingerprints have been enrolled since you created your fingerprint-associated key, just create a cipher with that key and try to init the cipher. If any new fingerprints have been enrolled, the init call should trigger a KeyPermanentlyInvalidatedException.
Upvotes: 17
Reputation: 3092
You can't add new fingerprints from your app.
Inside your application you only have access to the Auth Fingerprint Method which checks against registered fingerprints through the keyStore.
Upvotes: -4
Related Questions
- How to save and compare 2 fingerprints on Android
- Detecting finger type with mantra fingerprint sensor
- How to check if new finger was added?
- How to know which finger is scanned for bio-metric?
- Detection of a new fingerprint enrolment
- How can I create multiple fingerprint scan and register in db?
- Finger print authentication
- Android Fingerprint Scanner, detecting the finger used for authentication
- Android Fingerprint as Identification
- Fingerprint API Android