search

infinum / Android-Goldfinger

Android library to simplify Biometric authentication implementation.
Apache License 2.0
654 stars 76 forks source link

How will this library handle devices without fingerprint but other biometric methods? #63

Closed MinkiPani closed 4 years ago

MinkiPani commented 4 years ago

Hi, I am just curious how this will behave on a device like Pixel 4XL?

Since it will only have face detection and no fingerprint, this library will show face detection prompt on runtime.

igortepavac commented 4 years ago

Hello @MinkiPani!

FingerprintManager is replaced with BiometricPromptwhich will show a prompt depeding on the type of biometric the device has. So for Pixel 4 that means that a prompt for face detection would be shown. You can read more about it here.

igortepavac commented 4 years ago

I'll close this, but if you have any more questions, do not hesitate to ask.

TurKurT656 commented 3 years ago

what if a device doesn't have both?

JonatanPlesko commented 3 years ago

@TurKurT656 You can check whether authentication is possible with canAuthenticate. Check it out in the readme: https://github.com/infinum/Android-Goldfinger#check-prerequisites

RahulSDeshpande commented 2 years ago

@igortepavac & @JonatanPlesko

For example, I have a device which supports fingerprint & face both & the user has enrolled it via device settings. Is there a way I can show both options & ask the user to chose one & perform the authentication?

Cheers!

Aksi0m commented 2 years ago

Hey @RahulSDeshpande !

I believe that is not possible at the time when you want to show the biometric prompt, but it might be different based on the device manufacturer. The method that will show by default is the one user has set as the primary biometric authentication type in the OS settings.

However with the new version of the library you can enforce users to use either weak or strong authentication types. Considering that most face/iris recognitions are considered weak biometric auth types and fingerprints as strong biometric auth types you have maybe some flexibility here to chose programmatically what to use, but I would not advise to use this as a long term solution since it is a hack rather then a solution.

I would advise you to use the new version of the library and let the OS handle the authentication type, in the end you really just want to know if the authentication failed or succeeded.

RahulSDeshpande commented 2 years ago

@Aksi0m Exactly!! Thanks for the response!!