• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!
  • Fill out your device list and let everyone know which phones you have!    Edit Your Device Inventory

Step by Step Integration for Huawei FIDO BioAuthn-AndroidX

Search This thread

Mustafa Sarıtemur

New member
Feb 4, 2021
4
0
b4e3b2a9-6a73-4d36-b07e-948c75e1765c (1).png

What is FIDO BioAuthn

FIDO provides your app with powerful local biometric authentication capabilities, including fingerprint authentication and 3D facial authentication. It allows your app to provide secure and easy-to-use password-free authentication for users while ensuring reliable authentication results.

Service Features

· Takes the system integrity check result as the prerequisite for using BioAuthn, ensuring more secure authentication.

· Uses cryptographic key verification to ensure the security and reliability of authentication results.


bio.png

Requirements

· Android Studio version: 3.X or later

· Test device: a Huawei phone running EMUI 10.0 or later

Configurations

For the step by step tutorial follow this link for integrating Huawei HMS Core: link

When you finish those steps you need to add below code to your build.gradle file under app directory of your project.
Code:
implementation 'com.huawei.hms:fido-bioauthn-androidx:{LatestVersion} '

*Current latest version: 5.0.5.304

After that, add bellow lines to your proguard-rules.pro in the app directory of your project.

Code:
-ignorewarnings
-keepattributes *Annotation*
-keepattributes Exceptions
-keepattributes InnerClasses
-keepattributes Signature
-keepattributes SourceFile,LineNumberTable
-keep class com.huawei.hianalytics.**{*;}
-keep class com.huawei.updatesdk.**{*;}
-keep class com.huawei.hms.**{*;}


Sync project and you are ready to go.

Development

1 - We need to add permissions to the AndroidManifest.xml.

XML:
<uses-permission android:name="android.permission.CAMERA"/>
<uses-permission android:name="android.permission.USE_BIOMETRIC"/>

2 – Create two buttons for fingerprint authentication and face recognition.
XML:
<Button
    android:layout_width="match_parent"
    android:layout_height="wrap_content"
    android:onClick="fingerAuth"
    android:layout_marginBottom="16dp"
    android:textAllCaps="false"
    android:text="@string/btn_finger" />

<Button
    android:layout_width="match_parent"
    android:layout_height="wrap_content"
    android:onClick="faceAuth"
    android:textAllCaps="false"
    android:text="@string/btn_face" />

3 – First let’s ask for Camera permission on onResume method of activity.

Java:
@Override
    protected void onResume() {
        super.onResume();
        if (checkSelfPermission(Manifest.permission.CAMERA) != PackageManager.PERMISSION_GRANTED) {
            String[] permissions = {Manifest.permission.CAMERA};
            requestPermissions(permissions, 0);
        }
    }

4 – Create a function that returns BioAuthnCallback object for later use.

Java:
public BioAuthnCallback bioAuthCallback() {
        return new BioAuthnCallback() {
            @Override
            public void onAuthError(int errMsgId, @NonNull CharSequence errString) {
                showResult("Authentication error. errorCode=" + errMsgId + ",errorMessage=" + errString
                        + (errMsgId == 1012 ? " The camera permission may not be enabled." : ""));
            }

            @Override
            public void onAuthHelp(int helpMsgId, @NonNull CharSequence helpString) {
                showResult("Authentication help. helpMsgId=" + helpMsgId + ",helpString=" + helpString + "\n");
            }

            @Override
            public void onAuthSucceeded(@NonNull BioAuthnResult result) {
                showResult("Authentication succeeded. CryptoObject=" + result.getCryptoObject());
            }

            @Override
            public void onAuthFailed() {
                showResult("Authentication failed.");
            }
        };
}

5 – So far we implemented requirements. Now we can implement Fingerprint authentication button onClick method.
Java:
public void fingerAuth(View v) {
        BioAuthnPrompt bioAuthnPrompt = new BioAuthnPrompt(this, ContextCompat.getMainExecutor(this), bioAuthCallback());
        BioAuthnPrompt.PromptInfo.Builder builder =
                new BioAuthnPrompt.PromptInfo.Builder().setTitle("FIDO")
                        .setDescription("To proceed please verify identification");


        builder.setDeviceCredentialAllowed(true);
        //builder.setNegativeButtonText("Cancel");

        BioAuthnPrompt.PromptInfo info = builder.build();
        bioAuthnPrompt.auth(info);
}


The user will first be prompted to authenticate with biometrics, but also given the option to authenticate with their device PIN, pattern, or password. setNegativeButtonText(CharSequence) should not be set if this is set to true vice versa.

Huawei provides the secure fingerprint authentication capability. If the system is insecure, the callback method BioAuthnCallback.onAuthError() returns the error code BioAuthnPrompt.ERROR_SYS_INTEGRITY_FAILED (Code: 1001). If the system is secure, fingerprint authentication is performed.

6 – Now we can also implement face recognition button’s onPress method.

Java:
public void faceAuth(View v) {
        CancellationSignal cancellationSignal = new CancellationSignal();
        FaceManager faceManager = new FaceManager(this);
        int flags = 0;
        Handler handler = null;
        CryptoObject crypto = null;
        faceManager.auth(crypto, cancellationSignal, flags, bioAuthCallback(), handler);
}


You are advised to set CryptoObject to null. KeyStore is not associated with face authentication in the current version. KeyGenParameterSpec.Builder.setUserAuthenticationRequired() must be set to false in this scenario.

Huawei provides the secure 3D facial authentication capability. If the system is insecure, the callback method BioAuthnCallback.onAuthError returns the error code FaceManager.FACE_ERROR_SYS_INTEGRITY_FAILED (Code: 1001). If the system is secure, 3D facial authentication is performed.

7 – For the last part lets implement showResult method that we used on bioAuthCallback method to keep log of the operations and show a toast message.

Java:
public void showResult(String text) {
    Log.d("ResultTag", text);
    Toast.makeText(this, text, Toast.LENGTH_SHORT).show();
}

You can shape showResult method like you can proceed to another activity-fragment or whatever you want your application to do.

With all set you are ready to implement Huawei FIDO BioAuthn to your application.

Conclusion

With this article you can learn what Huawei FIDO BioAuthn is and with the step by step implementation it will be very easy to use it on your code.

For more information about Huawei FIDO follow this link.

Thank you.