search

android / security-samples

Multiple samples showing the best practices in security APIs on Android.
Apache License 2.0
938 stars 395 forks source link

Fingerprint permission #24

Closed codingjeremy closed 4 years ago

codingjeremy commented 5 years ago

Issue by andris95 Thursday Mar 16, 2017 at 08:16 GMT Originally opened as https://github.com/googlesamples/android-FingerprintDialog/issues/45

Hello! In this sample project there is comment like this:

Now the protection level of USE_FINGERPRINT permission is normal instead of dangerous.

But it is not true, in my project I am using compilseSdkVersion and targetSdkVersion 25.0.2. And for example, to check if the device has a fingerprint sensor, i call this method: if (!mFingerprintManager.isHardwareDetected()) and it says

if (!mFingerprintManager.isHardwareDetected())

codingjeremy commented 5 years ago

Comment by yashasvigirdhar Tuesday Jun 06, 2017 at 07:08 GMT

By Normal permission, it means that you can declare the permission in manifest and will be granted the same on app install. You don't need to request this permission at runtime. (All this applies for api >= 23 of course)

codingjeremy commented 5 years ago

Comment by LoPoBo Friday Jun 16, 2017 at 12:35 GMT

I also saw this comment and found it confusing; has USE_FINGERPRINT ever been dangerous? I could not find any documentation supporting this.