CryptoObject let you sign data. Keys to sign data are stored on secure hardware (Secure Element) on device. Data is signed by this Secure Element. Secure Element can only sign data when Fingerprint is recognized. Keys never go outside Secure Element. Please read this http://android-developers.blogspot.fr/2015/10/new-in-android-samples-authenticating.html

If you just want to authenticate a user CrytoObject is unnecessary. If you want encrypt or decrypt data with a key stored in secure storage (secure element in hardware) then you could use CryptoObject. This secured key is available to crypt or decrypt data only after an authentication.

Handler You can optionally provide a Handler. If provided, FingerprintManager will use the Looper from this Handler for its inner MyHandler instance.

private void useHandler(Handler handler) { 
    if (handler != null) { 
        mHandler = new MyHandler(handler.getLooper()); 
    } else if  (mHandler.getLooper() != mContext.getMainLooper()) { 
        mHandler = new MyHandler(mContext.getMainLooper()); 
    } 
}

Providing the looper allows us to define what thread to run on and listen for message logging.

Looper looper = Looper.getMainLooper(); 
looper.setMessageLogging(new Printer() { 
    @Override 
    public void println(String x) { 
        Log.d(TAG, x); 
    } 
}); 
mFingerprintManager.authenticate(cryptoObject, mCancellationSignal, 0, this, new Handler(looper)); 

Please read this https://www.captechconsulting.com/blogs/introducing-androids-fingerprint-api