Overview

FIDO BioAuthn provides your app with powerful local biometric authentication capabilities, including fingerprint authentication and 3D facial authentication. It allows your app to provide secure and easy-to-use password-free authentication for users while ensuring reliable authentication results. HUAWEI FIDO provides two SDKs:

What You Will Create

In this codelab, you will use the demo project to call the FIDO BioAuthn API. Through this demo project, you will:

What You Will Learn

Other Features

FIDO (FIDO2)

Hardware Requirements

Software Requirements

To integrate HUAWEI FIDO services, you must complete the following preparations:

For details, please refer to Preparations for Integrating HUAWEI HMS Core.

Enabling the Service

  1. On the app information page of the project, click the Manage APIs tab.
  2. Toggle on the FIDO switch.

Adding the AppGallery Connect Configuration File of Your App

Move the downloaded agconnect-services.json file to the app directory of your Android Studio project.

Configuring the Maven Repository Address for the HMS Core SDK

Open the build.gradle file in the root directory of your Android Studio project.

Go to allprojects > repositories and configure the Maven repository address for the HMS Core SDK.

allprojects { repositories { google() jcenter() // Add the following line maven { url 'https://developer.huawei.com/repo/' } } }

Go to buildscript > repositories and configure the Maven repository address for the HMS Core SDK.

buildscript { repositories { google() jcenter() // Add the following line. maven { url 'https://developer.huawei.com/repo/' } } }

Go to buildscript > dependencies and add dependency configurations.

buildscript { dependencies { classpath 'com.android.tools.build:gradle:3.3.0' // Add the following line classpath 'com.huawei.agconnect:agcp:1.4.1.300' } }

Adding Build Dependencies

Open the build.gradle file in the app directory.

Add build dependencies.

1. BioAuthn-AndroidX

dependencies { // Add the following line implementation 'com.huawei.hms:fido-bioauthn-androidx:5.0.2.303' }

2. BioAuthn

dependencies { // Add the following line implementation 'com.huawei.hms:fido-bioauthn:5.0.2.303' }

Add the AppGallery Connect plug-in dependency to the file header.

apply plugin: 'com.huawei.agconnect'

Configure the signature in android.

Copy the JKS file (for example, FIDO BioAuthn Android Sample.jks) obtained during integration preparations to the app directory of your project, and configure the signature in the build.gradle file.

android { signingConfigs { config { keyAlias 'FIDO BioAuthn Android Sample' keyPassword '123456' storeFile file('FIDO BioAuthn Android Sample.jks') storePassword '123456' } } buildTypes { debug { signingConfig signingConfigs.config } release { signingConfig signingConfigs.config minifyEnabled false proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro' } } }

Click Sync Now to synchronize the project.

HUAWEI FIDO provides two SDKs:

The following describes how to use APIs of the two SDKs.

BioAuthn-AndroidX SDK

1. Fingerprint Authentication

Huawei provides the secure fingerprint authentication capability. If the system is insecure, the callback method BioAuthnCallback.onAuthError() returns the error code BioAuthnPrompt.ERROR_SYS_INTEGRITY_FAILED or BioAuthnPrompt.ERROR_CRYPTO_VERIFY_FAILED. If the system is secure, fingerprint authentication is performed. For details about the fingerprint authentication error codes, please refer to the API Reference.

The following is the sample code for using fingerprint authentication:
Java sample code:

import android.view.View; import androidx.appcompat.app.AppCompatActivity; import androidx.core.content.ContextCompat; import com.huawei.hms.support.api.fido.bioauthn.BioAuthnCallback; import com.huawei.hms.support.api.fido.bioauthn.BioAuthnManager; import com.huawei.hms.support.api.fido.bioauthn.BioAuthnPrompt; import com.huawei.hms.support.api.fido.bioauthn.BioAuthnResult; public class MainActivity extends AppCompatActivity { public void btnFingerAuthenticateWithoutCryptoObjectClicked(View view) { // Whether fingerprint authentication is supported. BioAuthnManager bioAuthnManager = new BioAuthnManager(this); int errorCode = bioAuthnManager.canAuth(); if (errorCode != 0) { // Fingerprint authentication is not supported. return; } // Callback. BioAuthnCallback callback = new BioAuthnCallback() { @Override public void onAuthError(int errMsgId, CharSequence errString) { // Authentication error. } @Override public void onAuthSucceeded(BioAuthnResult result) { // Authentication successful. } @Override public void onAuthFailed() { // Authentication failed. } }; BioAuthnPrompt bioAuthnPrompt = new BioAuthnPrompt(this, ContextCompat.getMainExecutor(this), callback); // Construct the prompt information. BioAuthnPrompt.PromptInfo.Builder builder = new BioAuthnPrompt.PromptInfo.Builder().setTitle("This is the title.") .setSubtitle("This is the subtitle") .setDescription("This is the description"); // Prompt the user to use the fingerprint for authentication, and provide options for the user to use the PIN, lock screen pattern, or lock screen password for authentication. // If the parameter is set to true here, setNegativeButtonText(CharSequence) cannot be set. builder.setDeviceCredentialAllowed(true); // Set the cancellation button title. If a title is set, setDeviceCredentialAllowed(true) cannot be set. // builder.setNegativeButtonText("This is the 'Cancel' button."); BioAuthnPrompt.PromptInfo info = builder.build(); bioAuthnPrompt.auth(info); } }

Kotlin sample code:

import android.view.View import androidx.appcompat.app.AppCompatActivity import com.huawei.hms.support.api.fido.bioauthn.BioAuthnCallback import com.huawei.hms.support.api.fido.bioauthn.BioAuthnManager import com.huawei.hms.support.api.fido.bioauthn.BioAuthnPrompt import com.huawei.hms.support.api.fido.bioauthn.BioAuthnResult import java.util.concurrent.Executors class BioMainActivity : AppCompatActivity() { fun btnFingerAuthenticateWithoutCryptoObjectClicked(view: View?) { val bm = BioAuthnManager(this) val errorCode = bm.canAuth() if (errorCode != 0) { // Fingerprint authentication is not supported. return; } // Callback. val bioAuthnCallback: BioAuthnCallback = object : BioAuthnCallback() { override fun onAuthError(err: Int, message: CharSequence) { // Authentication error. } override fun onAuthSucceeded(result: BioAuthnResult) { // Authentication success. } override fun onAuthFailed() { // Authentication failure. } } var bioAuthnPrompt = BioAuthnPrompt(this, Executors.newSingleThreadExecutor(), bioAuthnCallback) // Build the biometric prompt info val builder = BioAuthnPrompt.PromptInfo.Builder().setTitle("This is the title.") .setSubtitle("This is the subtitle") .setDescription("This is the description") // Prompt the user to use the fingerprint for authentication, and also provide options for the user to use the PIN, lock screen pattern, or lock screen password for authentication. // If the parameter is set to true here, setNegativeButtonText(CharSequence) is not supported. builder.setDeviceCredentialAllowed(false) // Set the cancellation button title. If a title is set, setDeviceCredentialAllowed(true) is not supported. // builder.setNegativeButtonText("This is the 'Cancel' button."); val info = builder.build() bioAuthnPrompt.auth(info) } }

2. 3D Facial Authentication

Huawei provides the secure 3D facial authentication capability. If the system is insecure, the callback method BioAuthnCallback.onAuthError() returns the error code FaceManager.FACE_ERROR_SYS_INTEGRITY_FAILED. If the system is secure, 3D facial authentication is performed. For details about the 3D facial authentication error codes, please refer to the API Reference.

The following is the sample code for using the 3D facial authentication capability:
Java sample code:

import android.os.CancellationSignal; import android.os.Handler; import android.view.View; import androidx.appcompat.app.AppCompatActivity; import com.huawei.hms.support.api.fido.bioauthn.BioAuthnCallback; import com.huawei.hms.support.api.fido.bioauthn.BioAuthnResult; import com.huawei.hms.support.api.fido.bioauthn.CryptoObject; import com.huawei.hms.support.api.fido.bioauthn.FaceManager; public class MainActivity extends AppCompatActivity { public void btnFaceAuthenticateWithoutCryptoObjectClicked(View view) { // Callback. BioAuthnCallback callback = new BioAuthnCallback() { @Override public void onAuthError(int errMsgId, CharSequence errString) { // Authentication error. } @Override public void onAuthHelp(int helpMsgId, CharSequence helpString) { // Help. } @Override public void onAuthSucceeded(BioAuthnResult result) { // Authentication successful. } @Override public void onAuthFailed() { // Authentication failed. } }; // Cancellation signal. CancellationSignal cancellationSignal = new CancellationSignal(); FaceManager faceManager = new FaceManager(this); int errorCode = faceManager.canAuth(); if (errorCode != 0) { // Authentication is not supported. return; } // Flags. int flags = 0; // Authentication message handler. Handler handler = null; // It is recommended that CryptoObject be set to null. In this version, KeyStore is not associated with facial authentication. // The value must be passed to KeyGenParameterSpec.Builder.setUserAuthenticationRequired(). CryptoObject crypto = null; faceManager.auth(crypto, cancellationSignal, flags, callback, handler); } }

Kotlin sample code:

import android.os.CancellationSignal import android.os.Handler import android.view.View import androidx.appcompat.app.AppCompatActivity import com.huawei.hms.support.api.fido.bioauthn.BioAuthnCallback import com.huawei.hms.support.api.fido.bioauthn.BioAuthnResult import com.huawei.hms.support.api.fido.bioauthn.FaceManager import com.huawei.hms.support.api.fido.bioauthn.CryptoObject class BioMainActivity : AppCompatActivity() { fun btnFaceAuthenticateWithoutCryptoObjectClicked(view: View?) { val callbackFace: BioAuthnCallback = object : BioAuthnCallback() { override fun onAuthError(errMsgId: Int, errString: CharSequence) { // Authentication error. } override fun onAuthHelp(helpMsgId: Int, helpString: CharSequence) { // Help. } override fun onAuthSucceeded(result: BioAuthnResult) { // Authentication success. } override fun onAuthFailed() { // Authentication failure. } } // Cancellation signal. val cancellationSignal = CancellationSignal() val faceManager = FaceManager(this) val errorCode = faceManager.canAuth() if (errorCode != 0) { // Authentication is not supported. return } // Flags. val flag = 0 // Authentication message handler. var handler: Handler? = null // It is recommended that CryptoObject be set to null. In this version, KeyStore is not associated with facial authentication. // The value false must be passed to KeyGenParameterSpec.Builder.setUserAuthenticationRequired(). var crypto: CryptoObject? = null faceManager.auth(crypto, cancellationSignal, flag, callbackFace, handler) } }

BioAuthn SDK

1. Fingerprint Authentication

Huawei provides the secure fingerprint authentication capability. If the system is insecure, the callback method BioAuthnCallback.onAuthError() returns the error code FingerprintManager.ERROR_SYS_INTEGRITY_FAILED or FingerprintManager.ERROR_CRYPTO_VERIFY_FAILED. If the system is secure, fingerprint authentication is performed. For details about the fingerprint authentication error codes, please refer to the API Reference.

The following is the sample code for using fingerprint authentication:
Java sample code:

import android.app.Activity; import android.view.View; import com.huawei.hms.support.api.fido.bioauthn.BioAuthnCallback; import com.huawei.hms.support.api.fido.bioauthn.BioAuthnResult; import com.huawei.hms.support.api.fido.bioauthn.FingerprintManager; import java.util.concurrent.Executors; public class MainActivity extends Activity { public void btnFingerAuthenticateWithoutCryptoObjectClicked(View view) { // Callback. BioAuthnCallback bioAuthnCallback = new BioAuthnCallback() { @Override public void onAuthError(int errMsgId, CharSequence errString) { // Authentication error. } @Override public void onAuthSucceeded(BioAuthnResult result) { // Authentication successful. } @Override public void onAuthFailed() { // Authentication failed. } }; FingerprintManager fingerprintManager = new FingerprintManager(this, Executors.newSingleThreadExecutor(), bioAuthnCallback); // Whether authentication is supported. int errorCode = fingerprintManager.canAuth(); if (errorCode == 0) { // Authentication is not supported. return; } // Perform authentication. fingerprintManager.auth(); } }

Kotlin sample code:

import android.view.View import androidx.appcompat.app.AppCompatActivity import com.huawei.hms.support.api.fido.bioauthn.BioAuthnCallback import com.huawei.hms.support.api.fido.bioauthn.BioAuthnResult import com.huawei.hms.support.api.fido.bioauthn.FingerprintManager import java.util.concurrent.Executors class MainActivity : AppCompatActivity() { fun btnFingerCanAuthenticateClicked(view: View?) { // Callback. val bioAuthnCallback: BioAuthnCallback = object : BioAuthnCallback() { override fun onAuthError(err: Int, message: CharSequence) { // Authentication error. } override fun onAuthSucceeded(result: BioAuthnResult) { // Authentication success. } override fun onAuthFailed() { // Authentication failure. } } var fingerprintManager = FingerprintManager(this, Executors.newSingleThreadExecutor(), bioAuthnCallback) // Whether authentication is supported. val errorCode = fingerprintManager.canAuth() if (errorCode != 0) { // Authentication is not supported. return } // Perform authentication. fingerprintManager.auth() } }

2. 3D Facial Authentication

Huawei provides the secure 3D facial authentication capability. If the system is insecure, the callback method BioAuthnCallback.onAuthError() returns the error code FaceManager.FACE_ERROR_SYS_INTEGRITY_FAILED. If the system is secure, 3D facial authentication is performed. For details about the 3D facial authentication error codes, please refer to the API Reference.

The following is the sample code for using the 3D facial authentication capability:
Java sample code:

import android.app.Activity; import android.os.CancellationSignal; import android.os.Handler; import android.view.View; import com.huawei.hms.support.api.fido.bioauthn.BioAuthnCallback; import com.huawei.hms.support.api.fido.bioauthn.BioAuthnResult; import com.huawei.hms.support.api.fido.bioauthn.CryptoObject; import com.huawei.hms.support.api.fido.bioauthn.FaceManager; public class MainActivity extends Activity { public void btnFaceAuthenticateWithoutCryptoObjectClicked(View view) { // Callback. BioAuthnCallback callback = new BioAuthnCallback() { @Override public void onAuthError(int errMsgId, CharSequence errString) { // Authentication error. } @Override public void onAuthHelp(int helpMsgId, CharSequence helpString) { // Help. } @Override public void onAuthSucceeded(BioAuthnResult result) { // Authentication successful. } @Override public void onAuthFailed() { // Authentication failed. } }; // Cancellation signal. CancellationSignal cancellationSignal = new CancellationSignal(); FaceManager faceManager = new FaceManager(this); int errorCode = faceManager.canAuth(); if (errorCode != 0) { // Authentication is not supported. return; } // Flags. int flags = 0; // Authentication message handler. Handler handler = null; // It is recommended that CryptoObject be set to null. In this version, KeyStore is not associated with facial authentication. // KeyGenParameterSpec.Builder.setUserAuthenticationRequired() must be set to false. CryptoObject crypto = null; faceManager.auth(crypto, cancellationSignal, flags, callback, handler); } }

Kotlin sample code:

import android.os.CancellationSignal import android.view.View import android.os.Handler import androidx.appcompat.app.AppCompatActivity import com.huawei.hms.support.api.fido.bioauthn.BioAuthnCallback import com.huawei.hms.support.api.fido.bioauthn.BioAuthnResult import com.huawei.hms.support.api.fido.bioauthn.FaceManager import com.huawei.hms.support.api.fido.bioauthn.CryptoObject class MainActivity : AppCompatActivity() { fun btnFaceAuthenticateWithoutCryptoObjectClicked(view: View?) { // Callback. val callback: BioAuthnCallback = object : BioAuthnCallback() { override fun onAuthError(errMsgId: Int, errString: CharSequence) { // Authentication error. } override fun onAuthHelp(helpMsgId: Int, helpString: CharSequence) { // Help. } override fun onAuthSucceeded(result: BioAuthnResult) { // Authentication success. } override fun onAuthFailed() { // Authentication failure. } } // Cancellation signal. val cancellationSignal = CancellationSignal() val faceManager = FaceManager(this) val errorCode = faceManager.canAuth() if (errorCode != 0) { // Authentication is not supported. return; } // Flags. val flags = 0 // Authentication message handler. val handler: Handler? = null // It is recommended that CryptoObject be set to null. In this version, KeyStore is not associated with facial authentication. // The value false must be passed to KeyGenParameterSpec.Builder.setUserAuthenticationRequired(). val crypto: CryptoObject? = null faceManager.auth(crypto, cancellationSignal, flags, callback, handler) } }

Install the APK to be tested and tap the test button to trigger fingerprint authentication or 3D facial authentication.

Well done. You have successfully completed this codelab and learned:

For more information, please click the following link:

Related documents

BioAuthn-AndroidX SDK

You can click the button below to download the source code.

Download source code

BioAuthn SDK

You can click the button below to download the source code.

Download source code

Code copied