Detection of Biometry Enrollment Status

Usage of biometrics is a means of authentication without the need to fill in PIN or password on a device. On Android platform the process of authentication with PIN or password is vulnerable to several attacks. The secret knowledge might leak though various weaknesses in Android APIs that are exploitable by other apps installed on the device. Examples of such attack vectors might be accessibility API, screen recording or custom keyboards.

Malwarelytics for Android is able to detect whether the device supports biometry and biometric data were enrolled on the device.

Triggering a Manual Check

Biometric detection containing biometric status can be triggered manually in RaspManager by calling the getBiometryDetection() method.

val biometryDetection = raspManager.getBiometryDetection()

When biometry data aren’t enrolled, biometryDetection.biometricStatus has value NONE_ENROLLED.

More information on general RASP feature configuration and usage can be found in this overview.

Last updated on Sep 19, 2022 (08:39) View product
Search

0.23.x

Malwarelytics for Android