BiometricManager.Authenticators
public interface BiometricManager.Authenticators
Types of authenticators, defined at a level of granularity supported by BiometricManager and BiometricPrompt.
Types may combined via bitwise OR into a single integer representing multiple authenticators (e.g. DEVICE_CREDENTIAL | BIOMETRIC_WEAK).
| See also | |
|---|---|
canAuthenticate |
|
setAllowedAuthenticators |
Summary
Constants |
|
|---|---|
default static final int |
BIOMETRIC_STRONG = 15Any biometric (e.g. fingerprint, iris, or face) on the device that meets or exceeds the requirements for Class 3 (formerly Strong), as defined by the Android CDD. |
default static final int |
BIOMETRIC_WEAK = 255Any biometric (e.g. fingerprint, iris, or face) on the device that meets or exceeds the requirements for Class 2 (formerly Weak), as defined by the Android CDD. |
default static final int |
DEVICE_CREDENTIAL = 32768The non-biometric credential used to secure the device (i.e. PIN, pattern, or password). |
default static final int |
@RequiresPermission(value = "android.permission.SET_BIOMETRIC_DIALOG_ADVANCED")The bit is used to request for Identity Check. |
Constants
BIOMETRIC_STRONG
default static final int BIOMETRIC_STRONG = 15
Any biometric (e.g. fingerprint, iris, or face) on the device that meets or exceeds the requirements for Class 3 (formerly Strong), as defined by the Android CDD.
BIOMETRIC_WEAK
default static final int BIOMETRIC_WEAK = 255
Any biometric (e.g. fingerprint, iris, or face) on the device that meets or exceeds the requirements for Class 2 (formerly Weak), as defined by the Android CDD.
Note that this is a superset of BIOMETRIC_STRONG and is defined such that BIOMETRIC_STRONG | BIOMETRIC_WEAK == BIOMETRIC_WEAK.
DEVICE_CREDENTIAL
default static final int DEVICE_CREDENTIAL = 32768
The non-biometric credential used to secure the device (i.e. PIN, pattern, or password). This should typically only be used in combination with a biometric auth type, such as BIOMETRIC_WEAK.
IDENTITY_CHECK
@RequiresPermission(value = "android.permission.SET_BIOMETRIC_DIALOG_ADVANCED")
default static final int IDENTITY_CHECK = 65536
The bit is used to request for Identity Check. Identity Check is a feature added in API 36, which requires class 3 biometric authentication to access sensitive surfaces when the device is outside trusted places.
The requirements to trigger Identity Check are as follows:
- User must have enabled the toggle for Identity Check in settings
- User must have enrollments for at least one BIOMETRIC_STRONG sensor
- The device is determined to be in a high risk environment, for example if it is outside of the user's trusted locations or fails to meet similar conditions
- The Identity Check requirements bit must be true
If all the above conditions are satisfied, only BIOMETRIC_STRONG sensors will be eligible for authentication, and device credential fallback will be dropped.
For backward compatibility: If identity check isn't supported on the current API level:
- a. if there are other allowed authenticators bits, identity check will be ignored and use the others for authentication;
- b. if IDENTITY_CHECK is the only allowed authenticators bit, identity check will be ignored and the default authenticator will be used.