Android Question Fingerprint Addon

DataProtec · Sep 30, 2019

Hello
Is there an Option to get an Addon like a Textbox or Label a Tool to get the Fingerprint
I need to autentificate each user, at the momento i do this with username and password.
It can be easier if i can use Fingerprint
If someone could help me, I would be very grateful.
Thanks

udg · Sep 30, 2019

https://www.b4x.com/android/forum/threads/fingerprint-authentication.72500/#content

First result using keyword "fingerprint" in Forum's search engine.

DataProtec · Sep 30, 2019

As i understand it is only to Authenticate to the device.
I need to send the fingerprint to MSSQL server, search the User and Authentice
Do i have to use FirebaseAuth or how can i do this.

udg · Sep 30, 2019

According to
https://developer.android.com/reference/android/hardware/fingerprint/FingerprintManager.html
it was deprecated since API 28. They suggests the use of BiometrciPrompt.
I didn't look at the documentation so I can't tell if you can obtain any useful info more than the success/fail baswed on local authentication, sorry.

DataProtec · Sep 30, 2019

ok, Will have a look if i can use it, i have no idea how i can do it

DonManfred · Sep 30, 2019

DataProtec said:
Do i have to use FirebaseAuth

firebase auth is not relevant here

DataProtec said:
or how can i do this

i don´t know a way.

You need to have a external fingerprintreader which has its own api (like @Sasuke Sama suggested). For the api you probably need some java knowledge to create a wrapper for b4a.

udg · Sep 30, 2019

AFAIK, in several countries law prohibits to store a fingerprint image but it allows to extract an hash from it and use that hash for some purposes.
In EU, GDPR demands great care about any personal data, expecially data considered sensitive.

DataProtec · Oct 1, 2019

Thanks all for the respond.
In Spain where i'm some Devices sold which store the Fingerprint as Image, one of them is CrossChex from Anviz. If you check the DB, they have as MDB or as well as MSSQL, both have the Fingerprint as Image.
But the comment from udg is helpful, i will check if it is allowed to store Fingerprints in Spain as Image.
Did not know there is a Law about this.
When i have something i public it so everybody knows.

udg · Oct 1, 2019

AFAIK, as long as the image is stored on the device (so it is in full control of the owner of the personal data, i.e. the end user) there's no problem.
Your risk should begin whether you transmit and store the image on your servers.

DataProtec · Oct 2, 2019

Ok, i'm trying to get proper respond from Legal Site to know exactly the law.
We need to save the Image on the server.
Also we can use hash, but the main Question is how to do this with Android or Ios
This i need to solve and where i need some help or ideas

DonManfred · Oct 2, 2019

DataProtec said:
Also we can use hash, but the main Question is how to do this with Android or Ios
This i need to solve and where i need some help or ideas

It is not possible without a additional hardware as already mentioned...

MarkusR · Oct 2, 2019

how about phone Near Field Communication (nfc) + card, maybe a possible alternative for you.
at least better than input username and password always.

DataProtec · Oct 2, 2019

NFC maybe can be a alternative to fingerprint, will check if we can use it for our company
Many thanks for reply and help to everybody, let you know what will be the final soloution

MarkusR · Oct 2, 2019

DataProtec said:
NFC maybe can be a alternative to fingerprint, will check if we can use it for our company

if it is allowed then scanning a qr code id would do the same

about finger print, if each user have a own user account at phone with learned finger access mentioned at #2
i think you can read the user account name or a secret file at phone inside user environment for authenticating.

DonManfred · Oct 2, 2019

MarkusR said:
about finger print, if each user have a own user account at phone with learned finger access mentioned at #2
i think you can read the user account name or a secret file at phone inside user environment for authenticating.

The android api about fingerprint does not provide any info about the user. Even not a unique id or a has.

It only checks the fingerprint from a list of a few fingerprints which can be configured in the device.

MarkusR · Oct 2, 2019

DonManfred said:
The android api about fingerprint does not provide any info about the user. Even not a unique id or a has.
It only checks the fingerprint from a list of a few fingerprints which can be configured in the device.

but a finger unlock a user session, so you have the user name there. my thought.
meaning each user in system have his own fingers learned = not sharing hundreds of fingers in one user account.
starting from os 5 the phone can handle multiple users.

my free norton password manager use a app login inside a user account
via mail and password, its like a web session.
i have access to my passwords via fingerprint check and if the app session is valid.
(i not really trust this logic. the os just say the app there was my finger on the sensor, its similar a yes/no and i guess it can be faked.)

Didier9 · Oct 5, 2019

Sasuke Sama said:
You cant do such on android bulit-in fingerprint scanner ... You need to get an external biometric device ( an external fingerprint scanner that plugs into usb ) which comes with its own sdk / app that can be used to store fingerprint into mysql or any other database

I do not believe that's correct. The Paypal app for instance identifies me from my fingerprint. I am not sure if they send my fingerprint to Paypal, of if it is just used to log me into the app and the app sends previously stored login info to the server though. That would be annoying if it were the case.... (it would indicate that my login info is saved in the app.) On the other hand, I am not sure I want Paypal to store my fingerprint info in the Cloud. What if they get hacked? How do I change my fingerprint?
Too many questions...

DataProtec · Oct 5, 2019

For the momento i have to finish a big Project, i will use "old system" simple Username and Password to login in the remote server App.
It is working fine with Android now in case the help i got from all the people here in the forum, thanks again.
Even i have to do this job for B4i, bought the IDE but no time to do.

When everything is done i will come back to find a better soloution, maybe fringerprint if posible, or NFC like RFID as well can be an option

Android Question Fingerprint Addon

DataProtec

Member

udg

Expert

DataProtec

Member

udg

Expert

DataProtec

Member

DonManfred

Expert

udg

Expert

DataProtec

Member

udg

Expert

DataProtec

Member

DonManfred

Expert

MarkusR

Well-Known Member

DataProtec

Member

MarkusR

Well-Known Member

DonManfred

Expert

MarkusR

Well-Known Member

Didier9

Well-Known Member

DataProtec

Member

Similar Threads

Android Question Fingerprint Addon

Member

Expert

Member

Expert

Member

Expert

Expert

Member

Expert

Member

Expert

Well-Known Member

Member

Well-Known Member

Expert

Well-Known Member

Well-Known Member

Member

Similar Threads

Privacy & Transparency

Privacy & Transparency