1*d353a188SXin Li 2*d353a188SXin LiAndroid AsymmetricFingerprintDialog Sample 3*d353a188SXin Li=================================== 4*d353a188SXin Li 5*d353a188SXin LiA sample that demonstrates to use registered fingerprints to authenticate the user in your app 6*d353a188SXin Li 7*d353a188SXin LiIntroduction 8*d353a188SXin Li------------ 9*d353a188SXin Li 10*d353a188SXin LiThis sample demonstrates how you can use registered fingerprints in your app to authenticate the 11*d353a188SXin Liuser before proceeding some actions such as purchasing an item. 12*d353a188SXin Li 13*d353a188SXin LiFirst you need to create an asymmetric key pair in the Android Key Store using [KeyPairGenerator][1] 14*d353a188SXin Liin the way that its private key can only be used after the user has authenticated with fingerprint 15*d353a188SXin Liand transmit the public key to your backend with the user verified password (In a real world, the 16*d353a188SXin Liapp should show proper UIs). 17*d353a188SXin Li 18*d353a188SXin LiBy setting [KeyGenParameterSpec.Builder.setUserAuthenticationRequired][2] to true, you can permit the 19*d353a188SXin Liuse of the key only after the user authenticate it including when authenticated with the user's 20*d353a188SXin Lifingerprint. 21*d353a188SXin Li 22*d353a188SXin LiThen start listening to a fingerprint on the fingerprint sensor by calling 23*d353a188SXin Li[FingerprintManager.authenticate][3] with a [Signature][4] initialized with the asymmetric key pair 24*d353a188SXin Licreated. Or alternatively you can fall back to server-side verified password as an authenticator. 25*d353a188SXin Li 26*d353a188SXin LiOnce the fingerprint (or password) is verified, the 27*d353a188SXin Li[FingerprintManager.AuthenticationCallback#onAuthenticationSucceeded()][5] callback is called. 28*d353a188SXin Li 29*d353a188SXin LiThen you can verify the purchase transaction on server side with the public key passed from the 30*d353a188SXin Liclient, by verifying the piece of data signed by the Signature. 31*d353a188SXin Li 32*d353a188SXin Li[1]: https://developer.android.com/reference/java/security/KeyPairGenerator.html 33*d353a188SXin Li[2]: https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.Builder.html#setUserAuthenticationRequired%28boolean%29 34*d353a188SXin Li[3]: https://developer.android.com/reference/android/hardware/fingerprint/FingerprintManager.html#authenticate%28android.hardware.fingerprint.FingerprintManager.CryptoObject,%20android.os.CancellationSignal,%20int,%20android.hardware.fingerprint.FingerprintManager.AuthenticationCallback,%20android.os.Handler%29 35*d353a188SXin Li[4]: https://developer.android.com/reference/java/security/Signature.html 36*d353a188SXin Li[5]: https://developer.android.com/reference/android/hardware/fingerprint/FingerprintManager.AuthenticationCallback.html#onAuthenticationSucceeded%28android.hardware.fingerprint.FingerprintManager.AuthenticationResult%29 37*d353a188SXin Li 38*d353a188SXin LiPre-requisites 39*d353a188SXin Li-------------- 40*d353a188SXin Li 41*d353a188SXin Li- Android SDK 27 42*d353a188SXin Li- Android Build Tools v27.0.2 43*d353a188SXin Li- Android Support Repository 44*d353a188SXin Li 45*d353a188SXin LiScreenshots 46*d353a188SXin Li------------- 47*d353a188SXin Li 48*d353a188SXin Li<img src="screenshots/1-purchase-screen.png" height="400" alt="Screenshot"/> <img src="screenshots/2-fingerprint-dialog.png" height="400" alt="Screenshot"/> <img src="screenshots/3-fingerprint-authenticated.png" height="400" alt="Screenshot"/> <img src="screenshots/4-new-fingerprint-enrolled.png" height="400" alt="Screenshot"/> 49*d353a188SXin Li 50*d353a188SXin LiGetting Started 51*d353a188SXin Li--------------- 52*d353a188SXin Li 53*d353a188SXin LiThis sample uses the Gradle build system. To build this project, use the 54*d353a188SXin Li"gradlew build" command or use "Import Project" in Android Studio. 55*d353a188SXin Li 56*d353a188SXin LiSupport 57*d353a188SXin Li------- 58*d353a188SXin Li 59*d353a188SXin Li- Google+ Community: https://plus.google.com/communities/105153134372062985968 60*d353a188SXin Li- Stack Overflow: http://stackoverflow.com/questions/tagged/android 61*d353a188SXin Li 62*d353a188SXin LiIf you've found an error in this sample, please file an issue: 63*d353a188SXin Lihttps://github.com/googlesamples/android-AsymmetricFingerprintDialog 64*d353a188SXin Li 65*d353a188SXin LiPatches are encouraged, and may be submitted by forking this project and 66*d353a188SXin Lisubmitting a pull request through GitHub. Please see CONTRIBUTING.md for more details. 67*d353a188SXin Li 68*d353a188SXin LiLicense 69*d353a188SXin Li------- 70*d353a188SXin Li 71*d353a188SXin LiCopyright 2017 The Android Open Source Project, Inc. 72*d353a188SXin Li 73*d353a188SXin LiLicensed to the Apache Software Foundation (ASF) under one or more contributor 74*d353a188SXin Lilicense agreements. See the NOTICE file distributed with this work for 75*d353a188SXin Liadditional information regarding copyright ownership. The ASF licenses this 76*d353a188SXin Lifile to you under the Apache License, Version 2.0 (the "License"); you may not 77*d353a188SXin Liuse this file except in compliance with the License. You may obtain a copy of 78*d353a188SXin Lithe License at 79*d353a188SXin Li 80*d353a188SXin Lihttp://www.apache.org/licenses/LICENSE-2.0 81*d353a188SXin Li 82*d353a188SXin LiUnless required by applicable law or agreed to in writing, software 83*d353a188SXin Lidistributed under the License is distributed on an "AS IS" BASIS, WITHOUT 84*d353a188SXin LiWARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 85*d353a188SXin LiLicense for the specific language governing permissions and limitations under 86*d353a188SXin Lithe License. 87
