Download
1 / 16
160 likes | 177 Vues
Todayu2019s biometric identification and authentication systems cover checks to verify that the biometric elements arenu2019t coming from video or audio recordings as well. #androidappdevelopment #iotplatform #Softqube
E N D
Mobile Authentication with Biometric (Fingerprint or Face) In Android Represent by : Softqube Technologies Pvt. Ltd.
An Introduction of Biometric Authentication Biometric is the technical term for human body measurements and calculations. It measures human characteristics. Biometrics authentication is used in computer science as a form of access control and authentication. It is also used to identify individuals in groups of people that are under surveillance. Biometric authentication and identification is unique, they are more dependable in verifying identity than token and knowledge-based methods; but, the collection of biometric identifiers raises privacy related to the ultimate use of this information. In verification or authentication mode the system performs a one-to-one comparison of a captured biometric with a specific template stored in a biometric DB in order to verify the separate is the person they claim to be. Three steps are in the verification of a person. In the first step, reference models for all the users are generated and stored in the model DB.
Continue.. Figure-1.0 Biometric System Diagram.
Continue.. In the second step, some samples are matched with reference models to generate the genuine and pretender scores and calculate the threshold. The third step is the testing step. This process use a smart card, username or ID number (e.g. PIN) to indicate which template should be used for check. Positive authentication and identification is a regular use of the verification mode, where the aim is to prevent multiple people from using the identity.
Android Biometric Architecture The two new APIs introduced the old FingerprintManager that was used for handling fingerprint biometrics on Android devices. Particularly, The FingerprintManager class was deprecated in API level 28. The flow diagram across android versions can be seen above, the original image can be found in the Android Developer documentation here.
Continue.. All biometric implementations must meet security specifications as per documentation and have a strong rating in order to participate in the BiometricPrompt class”. The BiometricPrompt class covers a companion Builder class that can be used to configure and create BiometricPrompt class instances, as well as defining the text that is to seem within the biometric identification and authentication dialog and the customization of the cancel button that appears in the dialog. Fingerprint is only available on devices which contain a touch sensor and on which the acceptable configuration has been taken to make secure the device and register at least one fingerprint. Biometric factors permite for secure authentication on the Android platform. The Android framework covers face and fingerprint biometric authentication.
Steps to implement BiometricPrompt Compat: Set Permission on manifest.xml file.
Set androidx.biometric dependency to app level build.gradle file: Create BiometricPrompt instance:
Create BiometricPrompt.PromptInfo instance: When we call the biometricPrompt.authenticate() method, we need to send the instance of BiometricPrompt.PromptInfo. We can create instances of BiometricPrompt.PromptInfo using BiometricPrompt.PromptInfo.Builder.
Start Authentication: In this last step, using BiometricPrompt class install you can call authenticate() method and pass BiometricPrompt.PromptInfo class instance we built in previous step: You can cancel the authentication by calling below method : As we have integrated it’s easy, As Google provided the system authentication prompt using a device’s supported biometric and as you can see, it is easy to integrate.
Biometric HAL Guidelines For Secure Biometric Data. First, we need to make sure that raw biometric data or derivatives such as templates are never accessible from outside the sensor driver or secure isolated environment such as the TEE or Secure Element. If the hardware supports it, limit hardware access to the secure separate environment and protect it with an Linux policy. Make the communication channel such as SPI and I2C accessible only to the secure single environment with an SELinux policy on all device files. Biometric acquisition, enrollment, and recognition must occur inside the secure separate environment to protect data breaches and other attacks. This requirement only applies to strong biometrics. Biometric data store only the encrypted form or derivatives on the file system.
Continue.. To protect against replay attacks, sign biometric templates with a private, device-specific key. For Advanced Encryption Standard (AES), at a minimum sign a template with the absolute file-system path, group, and biometric ID such that template files are inoperable on another device or for anyone other than the user that enrolled them on the same device. such as , not allowing copying biometric data from different users on the same device or other device. When a user is removed, remove all template data also and Use the file-system path provided by the set_active_group()function, It’s recommended that biometric template files be stored as encrypted in the path provided. If this is impossible due to the storage requirements of the secure single environment, to ensure removal of the data need to add hooks when the user is removed or the device is wiped.
How can biometric authentication improve mobile security? A strong authentication of mobile strategy should encompass a biometric factor, and it should examine implementing such a factor into a multifactor authentication process. There are some methods used in modern mobile devices to authenticate users to a locked device. Mobile authentication should provide the simplicity to use and security for organization; it’s important for the user, and biometric authentication in android devices offers this balance in a single factor.
Traditional Mobile Authentication To access their device authentication method is used as a standard password for this user to enter letters, numbers and symbols.this is simple to use until users don’t forget their passcodes. But it does not provide strong protection because users use the same passcode for multiple devices or other logins. Passcodes are easy for hackers to crack, and they’re capable of shoulder surfing — it might be possible for someone determining the passcode by simply looking over the user’s shoulder. Another mobile authentication method is the action pattern. In this case, users recreate certain patterns by dragging their fingers across the screen. The action pattern is more awkward for users than passcodes; this is especially true as the patterns become more complex. Action patterns are more secure than passcodes, but the general security of this method depends on the pattern’s complexity. Shoulder surfing might be possible in action patterns, and users may leave marks on the screens from repeatedly entering the same pattern.
Biometric authentication factors Biometric identification and authentication depends on unique biological attributes, such as a fingerprint, an iris, a face or even a heartbeat. These attributes are much more difficult for hackers and criminals to exploit because they’re unique to each individual. Today’s biometric identification and authentication systems cover checks to verify that the biometric elements aren’t coming from video or audio recordings as well. With biometric authentication and identification for mobile devices, users don’t have to remember passcodes or action patterns, and they don’t have to carry around security keys. It’s easy for users to authenticate to their devices at any time. Biometric authentication also has risks as like any other mobile authentication method. In Biometric authentication such as potential false positives or compromised digital image files. Once a hacker steals a biometric image, that biometric factor is compromised constantly;
