I am using confirm credentials api in my app to authenticate user, using createConfirmDeviceCredentialIntent api.
The api is working fine when I have set up my device lock as pin/pattern/password or fingerprint. But, it's not working in the case of face unlock. I've set face unlock in my device and it's working fine when opening the device. But when I launch the intent using the above mentioned api, it's not recognizing face unlock but all the other things.
Is this a limitation of this api? or I've to do something extra to achieve this?
Can't find this anywhere so posting here.
Facial recognition options To access these options, navigate to Settings, and then tap Biometrics and security. Tap Face recognition, and then enter your security credentials.
Many people know that Apple's Face ID system is more secure than the default Android facial recognition program. For example, Face ID can't be fooled by a photograph.
The Android face authentication stack is a new implementation in Android 10. The new implementation introduces the IBiometricsFace. hal , IBiometricsFaceClientCallback.
The good news is that you don't have to worry about it. Most operating systems that support biometric unlock methods employ specific measures to ensure that sensitive data, including your facial features and fingerprints, is stored securely.
Unfortunately, this isn't possible because unlocking using your face is part of the Smart Lock set of unlock tools.
Other methods of unlocking that fall under the Smart Lock category include:
Because none of these are primitive security methods in Android, it does not make sense to allow these to be accessed using APIs.
If Smart Lock could be used with Keyguard, on-body detection would be in theory be able to grant access to an app, being in a trusted place (but not in the hands of a trusted person) and even trusted voice could be used.
Apple and Face ID can allow this because Face ID is a primitive security method for the iPhone X, as the data used to unlock the device is kept in the Secure Enclave, in the same way that Touch ID data is.
I hope this gives you enough reason as to why this isn't possible, and why it makes sense that this isn't possible.
Sources: Keyguard (stating unlock methods allowed to be used), Smart Lock, Face ID
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With