Technobezz

BiometricPrompt API gives Android P Stronger Architecture with a New Challenge

Biometric authentication is a new challenge for app developers. They are constantly looking for the best and most efficient way to integrate it into their work. Recently, Google highlighted that, when it comes to Android P apps, it’s important to use a BiometricPrompt API for integrating biometric authentication.

What is BiometricPrompt API?

Next to passwords, PINs and security keys, biometrics are authentication methods that allow us to use an app or device. In this case, we’re talking about fingerprint and iris scanners and face recognition features.

Biometric authentication mechanisms are becoming increasingly popular, as they are considered safer and easier to use than other security measures. As a result, more and more devices are incorporating biometric authentication for keeping the users’ information private.

Updated operating systems, like Android P, are aware of the necessity to integrate modern security features in their apps. This leads to the use of BiometricPrompt API within every application update.

How do we know if BiometricPrompt protocols are followed?

Google ensure us that strong and objective test will be available to check the biometric authentication. Thus, developers will see that security is the main concern and it will not be neglected on all devices that will run their applications.

Devices which run earlier versions of Android O will receive help from a support library. Thanks to this facility, apps across more devices will benefit from the API.

What’s a BiometricPrompt architecture

Vishwath Mohan, Security Engineer at Google, declares that the API should be easy to use since it allows the platform to select the appropriate biometric authentication method instead of determining app developers to implement it.

As an example, he further explained that Android 8.1 tested the security area by introducing two new metrics applicable in case an attacker would try to hack an account. This security models are Spoof Accept Rate (SAR) and Imposter Accept Rate (IAR) and come as additions to the two safety metrics generally used: False Accept Rate (FAR) and False Reject Rate (FRR).

BiometricPrompt API gives Android P Stronger Architecture with a New Challenge 1

How do we know which biometric is strong and which is weak?

Biometric authentication mechanisms can be categorized into strong or weak by using the SAR/ IAR metrics. Those which have SAR/IAR lower than 7% are strong and those which are over this value are weak. Biometric authentication mechanisms with a SAR/IAR of 7% or lower are strong, and anything above 7% is weak.

You will be able to unlock a device with both types of biometrics, but weak versions have several flaws. For example, they require the use of a strong biometric (password or primary PIN), forthcoming BiometricPrompt API won’t support them, users won’t be able to authenticate payments and others.

More on this topic

Leave a Reply

Samsung Galaxy S10 3500 mAh
Samsung Galaxy S10: Wireless Reverse Charging Feature to be Included
FlexPai’s Foldable Phone to Become the First Device with the Snapdragon 855SoC Processor 7
FlexPai’s Foldable Phone to Become the First Device with the Snapdragon 855SoC Processor
iphone 11
Apple iPhone 11 Concept Design Suggests a Popup Camera Module; No Notch
How to Fix Galaxy Note 8 Bluetooth Issues
Samsung Galaxy Note 8, Galaxy J6+ and Galaxy J4 Receive December 2018 Security Patch Update
Android Apple Gaming How To Internet iPhone Personal Computers Review Site review The Top Best
How To Fix Samsung Galaxy S8 Wi-Fi Issues 9
How To Fix Samsung Galaxy S8 Wi-Fi Issues

If you are having problems with Wi-Fi on Samsung Galaxy S8...

How To Fix Samsung Galaxy S8 Slow Charging Issue 12
How To Fix Samsung Galaxy S8 Slow Charging Issue

Is your Samsung S8 charging slowly? Galaxy S8 slow charge can...

How to Fix “Unfortunately, Android Keyboard Has Stopped” 15
How to Fix “Unfortunately, Android Keyboard Has Stopped”

So you take your Android device out to send a quick...