Open Sesame! Add Biometric authentication to your app

Part 5- Secure Android App Development

Introduction

Local authentication i.e credentials stored on the device line PIN, Password, Pattern or Biometric information (Fingerprint, Iris or Facial recognition), has become a common way to implement a step-up authentication before user starts or resumes interaction with the application.

Check if Biometric Authentication is available

We can check if biometric authentication is available on the user’s android device. If biometric authentication is not setup we can redirect the user to device settings to setup the biometric authentication.

val biometricManager = BiometricManager.from(this)
when (biometricManager.canAuthenticate(BIOMETRIC_STRONG or DEVICE_CREDENTIAL)) {
    BiometricManager.BIOMETRIC_SUCCESS ->
        Log.d("MY_APP_TAG", "App can authenticate using biometrics.")
    BiometricManager.BIOMETRIC_ERROR_NO_HARDWARE ->
        Log.e("MY_APP_TAG", "No biometric features available on this device.")
    BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE ->
        Log.e("MY_APP_TAG", "Biometric features are currently unavailable.")
    BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED -> {
        // Prompts the user to create credentials that your app accepts.
        val enrollIntent = Intent(Settings.ACTION_BIOMETRIC_ENROLL).apply {
            putExtra(Settings.EXTRA_BIOMETRIC_AUTHENTICATORS_ALLOWED,
                BIOMETRIC_STRONG…