Fingerprint enabled apps in android for more security

-

FINGER PRINT ENBABLED APPS FOR MORE SECURITY

Fingerprint reader was first incorporated in Motorola Atrix. ATRIX integrates AuthenTec's AES1750 "smart sensor" into its power switch. With this sensor fingerprints can be used to authenticate the device user, providing a faster and easier means to unlock the device when compared with the typical on-screen methods (pattern, PIN, password). Fingerprint reader is supported in devices supporting android v2.3.4 and above. AuthenTec has created two separate SDKs to support the fingerprint reader.  The "Mobile SDK for Android" is the more basic of the two. It contains the "LAP" APIs which:
  • Verify  that the person using your app is the device owner, by requiring them to swipe their finger or enter their PIN
  • Verify that  one or more finger prints have been set up on the device.

Advanced Mobile SDK from AuthenTec contains the API from the Mobile SDK for android and includes a set of “GetSecret” APIs. These additional APIs allow to associate a secret with the user, like a password/PIN. The API key is needed by an application to register with the fingerprint framework. This key is based upon your app's package name, ensuring that only your app will be able to retrieve the secret that it has stored. It directs as to have a separate key for each app. The Advanced SDK includes the APIs from the Mobile SDK for Android, apps using this SDK can both verify that the user of the app is the device's owner as well as store and retrieve secret data.

Verifying the user

Verification of user can be written entirely using basic Mobile SDK for Android. It consists of 2 APIs:
  • One to see  if any fingerprints have been captured.
  • One for checking whether the captured is corresponding to the owner.

This can be done with the help of GetMap() and Verify() methods. GetMap() method returns a binary map indicating which fingers are currently registered. Verify() method prompts the user to swipe a registered finger to verify their identity.
Getting and setting a secret
The "GetSecret()" APIs provided by the Advanced SDK are only slightly more complex. They provide functionality that allows  to associate and then retrieve a "secret" with the user's fingerprints (or PIN). To use the GetSecret APIs, Advanced SDK is needed along with the API key for your application, based upon the application's package name. Storing a secret doesn't require any action on the user's part. The code simply packages the secret within a Credentialobject and then stores that object.





Comments

Post a Comment

Popular posts from this blog

Difference between "diff" and "sdiff" commands in Unix

-
Image
Hi everyone, in this blog post, I will be discussing about the difference between "diff" and "sdiff" commands in Unix. This is my first post about Unix. diff command diff command will compare two files and prints the difference between the 2 files. The format of diff command is diff file1 file2 . sdiff command sdiff command will compare two files side by side. The format of sdiff command is sdiff file1 file2. The contents of files are displayed side by side with a marker denoting the difference between each files. Some of the important markers used in sdiff are as follows: | - denotes the 2 files differ in the line completely. < - only the first file contains the line. > - only the second file contains the line. The better way to depict the difference is by showing examples. Here, I am comparing 2 files which are named as " ipl_teams_2008.txt " and " ipl_teams_2015.txt ". Let's see the contents of the files.
Read more

Anonymous classes in C++

-
Anonymous Classes in C++ Anonymous class is a class with no name. The main advantage of using an anonymous class is that it provides reusability of the class. Also anonymous class helps in encapsulation of data. Anonymous class is basically used when only one instance of the class is needed and it has only a short body. By defining an anonymous class, it does the same steps of defining a local class and instantiating it. The anonymous class is rightly used after it is defined. Following specifies an example of anonymous class in C++. class { int a; } c1; Here, c1 is an object of the anonymous class. Usually, anonymous classes in C++ are defined using "typedef" ( a keyword to assign alternative names to existing types). Typedef helps in giving another name to the class. It is shown as below: typedef class { int a; } newclass; newclass c2; Here newclass is the object of the anonymous class and c2 is its instance. Member variables can also be initialized in ano
Read more