How to detect if the user add new fingerprint to Android settings after he/she authenticate finger inside my application ?
i.e. iOS have something called (evaluatedPolicyDomainState) to detect changes in fingerprint catalog what is the alternative in Android ?
This require for security reasons to prompt password in this case
From the documentation for setUserAuthenticationRequired:
The key will become irreversibly invalidated once the secure lock screen is disabled (reconfigured to None, Swipe or other mode which does not authenticate the user) or when the secure lock screen is forcibly reset (e.g., by a Device Administrator). Additionally, if the key requires that user authentication takes place for every use of the key, it is also irreversibly invalidated once a new fingerprint is enrolled or once no more fingerprints are enrolled, unless
setInvalidatedByBiometricEnrollment(boolean)is used to allow validity after enrollment. Attempts to initialize cryptographic operations using such keys will throw KeyPermanentlyInvalidatedException.
So to check if any new fingerprints have been enrolled since you created your fingerprint-associated key, just create a cipher with that key and try to init the cipher. If any new fingerprints have been enrolled, the init call should trigger a KeyPermanentlyInvalidatedException.
I can get all finger id in integers.
private void getFingerprintInfo(Context context)
{
try {
FingerprintManager fingerprintManager = (FingerprintManager) context.getSystemService(Context.FINGERPRINT_SERVICE);
Method method = FingerprintManager.class.getDeclaredMethod("getEnrolledFingerprints");
Object obj = method.invoke(fingerprintManager);
if (obj != null) {
Class<?> clazz = Class.forName("android.hardware.fingerprint.Fingerprint");
Method getFingerId = clazz.getDeclaredMethod("getFingerId");
for (int i = 0; i < ((List) obj).size(); i++)
{
Object item = ((List) obj).get(i);
if(item != null)
{
System.out.println("fkie4. fingerId: " + getFingerId.invoke(item));
}
}
}
} catch (NoSuchMethodException | IllegalAccessException | InvocationTargetException | ClassNotFoundException e) {
e.printStackTrace();
}
}
please refer to this: https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/hardware/fingerprint/Fingerprint.java
there is a public method getFingerId( ), but it is not available for us to call because it has "@UnsupportedAppUsage".
so you need to use reflection to call the method. after you get a list of fingerprint id, you can encrypt them and store in sharedPreference.
Finger id is the id of the fingerprints stored in setting
After you get all finger ids, you can determine if user has added/deleted a fingerprint.
No need to count on the KeyPermanentlyInvalidatedException. It is not thrown in Android 8.0
Good luck!!!...
don't believe google did such a poor job
You can't add new fingerprints from your app.
Inside your application you only have access to the Auth Fingerprint Method which checks against registered fingerprints through the keyStore.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 乱世女痞 的文章《Android fingerprint detect new finger added》','https://www.manongdao.com/article-237067.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}