Simple Biometric Authentication in Android

M Farhan Majid
3 min read · Oct 10, 2021

When developing an Android application, you sometimes want to authenticate the user before proceeding with the application flow. For example, if the user wants to create a transaction in a banking application, you might first want to make sure that the user is indeed the owner of the device.

One of the fancy methods to do this is biometric authentication, which lets users authenticate themselves using face recognition or a fingerprint.

Let’s make a simple application that utilizes this biometric authentication!

Where’s the source code?

tl;dr

Here’s what we will be making in this article:

This simple application implements biometric authentication. First, the user authenticates via fingerprint; then the user authenticates via the fallback authentication method, which is a PIN (device credential).

If you want to use biometric authentication in your app, use AndroidX’s biometric library. Here are the main points this article covers:

  • We can check whether the user’s device is capable of biometric authentication, and whether the user has enrolled in any biometric authentication or device credential. This is done via the canAuthenticate method.
  • If the user hasn’t enrolled in any biometric authentication or device credential, you can ask the user to set one up. This is done via the Settings.ACTION_BIOMETRIC_ENROLL Intent.
  • We can set a fallback authentication method for when the user doesn’t want to authenticate with biometrics. This fallback uses device credentials, such as a PIN, pattern, or password. This is done via the setAllowedAuthenticators method.

Step by Step Explanation

Follow the steps provided below to make a simple application.

1. Open Android Studio. Create a new project with the “Empty Activity” option.

2. Add the biometric and activity dependencies to your app/build.gradle file as shown below. The activity dependency is not actually necessary for biometric authentication; we use it only to launch an Intent.

3. We will build the layout first by updating the activity_main.xml file. The layout for this application is very simple: as you can see in the image below, it consists of one button. When this button is pressed, the user is asked to authenticate via biometric or device credential. The application then shows a Snackbar containing a success or error message. You can see the code for activity_main.xml below.

This is what activity_main.xml looks like

4. Lastly, we will update the MainActivity.kt file as shown in the code snippet below. It’s a bit long, but here’s an overview of what happens. We initialize everything needed for biometric authentication, namely BiometricManager, BiometricPrompt, and PromptInfo. We specify which authenticators to use via the setAllowedAuthenticators method; here we use BIOMETRIC_STRONG and DEVICE_CREDENTIAL. We also launch an Intent when the user hasn’t enrolled in any biometric authentication or device credential. This Intent asks the user to set up biometric authentication first.

5. And that’s it! Now you can run the application and see biometric authentication in action.
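The flow described in step 4, as an added sketch that is not the article's original snippet. The layout name activity_main comes from the article; the button id authenticate_button and the message strings are assumptions.

```kotlin
// Added example, not the article's code. R.id.authenticate_button is an assumed id.
import android.content.Intent
import android.os.Build
import android.os.Bundle
import android.provider.Settings
import android.widget.Button
import androidx.activity.result.contract.ActivityResultContracts
import androidx.appcompat.app.AppCompatActivity
import androidx.biometric.BiometricManager
import androidx.biometric.BiometricManager.Authenticators
import androidx.biometric.BiometricPrompt
import androidx.core.content.ContextCompat
import com.google.android.material.snackbar.Snackbar

class MainActivity : AppCompatActivity() {
    // BIOMETRIC_STRONG | DEVICE_CREDENTIAL is not supported on API 28-29.
    private val authenticators = Authenticators.BIOMETRIC_STRONG or Authenticators.DEVICE_CREDENTIAL
    private val enroll = registerForActivityResult(ActivityResultContracts.StartActivityForResult()) {}

    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        setContentView(R.layout.activity_main)
        val button = findViewById<Button>(R.id.authenticate_button)
        val prompt = BiometricPrompt(this, ContextCompat.getMainExecutor(this),
            object : BiometricPrompt.AuthenticationCallback() {
                override fun onAuthenticationSucceeded(result: BiometricPrompt.AuthenticationResult) =
                    Snackbar.make(button, "Authenticated", Snackbar.LENGTH_SHORT).show()
                override fun onAuthenticationError(errorCode: Int, errString: CharSequence) =
                    Snackbar.make(button, "Error $errorCode: $errString", Snackbar.LENGTH_SHORT).show()
            })
        // No negative button: it must not be set when DEVICE_CREDENTIAL is allowed.
        val info = BiometricPrompt.PromptInfo.Builder()
            .setTitle("Confirm it's you")
            .setAllowedAuthenticators(authenticators)
            .build()
        button.setOnClickListener {
            when (BiometricManager.from(this).canAuthenticate(authenticators)) {
                BiometricManager.BIOMETRIC_SUCCESS -> prompt.authenticate(info)
                BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED ->
                    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) { // enroll Intent needs API 30+
                        enroll.launch(Intent(Settings.ACTION_BIOMETRIC_ENROLL).putExtra(
                            Settings.EXTRA_BIOMETRIC_AUTHENTICATORS_ALLOWED, authenticators))
                    } else {
                        Snackbar.make(button, "Nothing enrolled on this device", Snackbar.LENGTH_SHORT).show()
                    }
                else -> Snackbar.make(button, "Authentication unavailable", Snackbar.LENGTH_SHORT).show()
            }
        }
    }
}
```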

Thanks for reading!
