I am new to fingerprint authentication in smartphones. As we know Samsung S5 currently supports fingerprint scanner. Is it possible to develop a custom application that can use the scanner to authenticate a user? I just need to know the identity of the user and if he has been authenticated correctly. My app can then take it from there and integrate with backend.

Google has now announced a generic fingerprint API for Android that can be utilised by any custom apps for authorisation and not just the native Google apps. It looks like the future is just getting brighter!

Taken from the Android Developers page linked below:

"To authenticate users via fingerprint scan, get an instance of the new FingerprintManager class and call the authenticate() method."

However you must also include this permission:

<uses-permission android:name="android.permission.USE_FINGERPRINT" />

If you want to find out more information then visit this URL and scroll down to Authentication:

https://developer.android.com/about/versions/marshmallow/android-6.0.html#fingerprint-authentication

Samsung provides Pass API to register, request and validate fingerprints. Its in here SAMSUNG FINGER PRINT API. There is a sample program too.

Fingerprint API preview for Android M is found here with Sample App. As of this writing, Android Compatibility Definition for Android M hasn't been published. So, if fingerprint sensor, the key hardware component of the fingerprint framework, is left as a "SHOULD" requirement (most likely to be true), then OEMs decide either to incorporate the sensor or not. But, since Android Pay is strongly ties to finger print framework, this may drive OEMs to include the fingerprint sensor.

I found this in google samples which demonstrates how you can use registered fingerprints in your app to authenticate the user before proceeding some actions such as purchasing an item.

First you need to create a symmetric key in the Android Key Store using KeyGenerator which can be only be used after the user has authenticated with fingerprint and pass a KeyGenParameterSpec.

By setting KeyGenParameterSpec.Builder.setUserAuthenticationRequired to true, you can permit the use of the key only after the user authenticate it including when authenticated with the user's fingerprint.

Then start listening to a fingerprint on the fingerprint sensor by calling FingerprintManager.authenticate with a Cipher initialized with the symmetric key created. Or alternatively you can fall back to server-side verified password as an authenticator.

Once the fingerprint (or password) is verified, the FingerprintManager.AuthenticationCallback#onAuthenticationSucceeded() callback is called.

It requires SDK V23. AFAIK its not useful for Samsung S5 but it might help others to use this feature.