Biometric change detection functionality has been implemented which returns an error if there are discrepancies and prevents login if secureFlag is activated.
-
Initialisation
When the app is initialised, the indicated parameters are passed to it:
BioApplication.initBioLibrary(isClientLib, licenseKey, secureFlag)-
Enrollment
A snapshot of the current biometric status of the device is taken by generating a key in the keystore linked to the OS biometric authentication (together with a timestamp in milliseconds in sharedPreferences). This photo is taken at the end of the enrolment process:
To make the snapshot in KOTLIN, we call snapshotBiometricAdditions:
override fun doAfterValidationFinished() {
Toast.makeText(this, "Successful validating", Toast.LENGTH_SHORT).show()
BiometricUtils.snapshotBiometricAdditions(bioSharedPreferences)
}
-
Login
To log in and collect user data, we make a call touserInfoWithLogin from PublicDataSource. Internally it will validate biometric changes.
private fun login() {
PublicDataSource(BioSharedPreferences(this)).userInfoWithLogin(
activity = this,
resultLauncherLogin = resultLauncherLogin,
onSuccess = { userInfoBack -> onSuccess(userInfoBack) },
onError = { exception -> onError(exception)
})
}
-
Login or create
Start the app and make a call to the loginOrCreated method of the publicDataSource. It will check internally if there is a user to redirect to the enrollment (if there is not) or make a login (if there is) and verifying the existence of biometric changes.
private fun loginOrCreate() {
publicDataSource.loginOrCreate(
activity = this,
resultLauncherLogin = resultLauncherLogin,
launchEnrollment = { startEnrollment() },
onLoginSuccess = { goToDashboard() },
onError = { exception -> showError(exception) }
)
}
SecureFlag = TRUE
If there are biometric changes, it spits out an exception and prevents the normal login and scanQR flow from continuing. The integrator is in charge of contemplating the desired flow when capturing it and, for example, offering the user to redirect him to the enrollment to validate the user again.
SecureFlag = FALSE
If there are biometric changes it spits out an exception but continues with the normal login or scanQR flow. Every time we perform this process it spits the exception because the biometric status is not updated.
Once the fingerprints have been modified, it will ALWAYS be different from the snapshot taken at the end of the enrollment process and it will ALWAYS return the exception (even if it continues with the login).
-
LOGIN
We can catch that exception and deal with it inonError = { exception -> showError(exception) }:
PublicDataSource(bioSharedPreferences).userInfoWithLogin(
activity = this,
resultLauncherLogin = resultLauncherLogin,
onSuccess = { userInfoBack -> onSuccess(userInfoBack) },
onError = { exception -> onError(exception)
})
private fun showError(error: BioException) {
if(error.error is Error.FingerprintChanged && MyApp.getBiometricSecurityFlag(this)) {
// There are biometric changes AND security flag is TRUE
} else if(error.error is Error.FingerprintChanged) {
// There are biometric changes BUT without security flag, only notify to user and continue with flow
} else {
// Other errors
}
}
-
ScanQR
ConfigFile.startBioScan(context, resultBarCodeLauncher)
resultBarCodeLauncher = registerForActivityResult(
ActivityResultContracts.StartActivityForResult()) { result ->
when(result.resultCode) {
RESULT_OK -> {
// Scan completed sucessfuly
}
RESULT_CANCELED -> {
result.data?.extras?.let {
val bioException = it.get(Constants.ERROR) as BioException
// Scan NOT COMPLETED
}
}
Constants.RESULT_OK_WITH_BIOMETRIC_CHANGES -> {
// There are biometric changes AND security flag is FALSE
result.data?.extras?.let {
val bioException = it.get(Constants.ERROR) as BioException
// Scan completed sucessfuly with biometric error
}
}
}
}