Android Biometrics 指纹扫描仪用于用户搜索

Question

currently i am looking to see if i can use in android the fingerprint scanner to find user's.

for example using android firebase to authenticate users, then by using the fingerprint to search for the specific users that will show their information.

is there a way to do this? because last time i checked, the information is stored locally on the android device, thus i am a bit lacking into if its possible to do so or not.

currently looking for a way to do authentication using biometric's inside my app using firebase so that i can only have a single user without multiple accounts, using biometrics to lock the user into 1 account, to check either if the user already has an account using biometrics, and then searching results using bio metrics.

Answer 1

If I understand you correctly you want to sign the user into Firebase using their Android Biometric Prompt.

I've quickly looked at the API for Biometric Prompt , and it seems an authentication user is identified by an AuthenticationResult which in turn contains a CryptoObject . That last object contains the cipher, signature and mac for the sign-in, which you can use to verify that it was performed by a trusted source.

You could send all this information over to a trusted environment (such as your development machine, a server you control, or Cloud Functions), verify it there, and then use that to mint a custom token for the user.

The main problem (aside from the fact there is likely no sample code) I see is that there is no information about the user that is available after the Biometric Prompt. So you know they are the real user of that phone, but nothing else about them. This is not uncommon in Firebase, as it is similar to the lack of information that the built-in anonymous authentication provider has, but you'll have to see if it's enough for your use-case.

In addition to the links I embedded above, also see:

• 5 steps to implement Biometric authentication in Android