Detection of Biometry Enrollment Status

The usage of biometrics is a means of authentication without the need to fill in a PIN or password on a device. On the Android platform, the process of authentication with a PIN or password is vulnerable to several attacks. The secret knowledge might leak through various weaknesses in Android APIs that are exploitable by other apps installed on the device. Examples of such attack vectors might be accessibility API, screen recording, or custom keyboards.

Malwarelytics for Android is able to detect whether the device supports biometry and whether biometric data were enrolled on the device.

Triggering a Manual Check

Biometric detection containing biometric status can be triggered manually in RaspManager by calling the getBiometryDetection() method.

val biometryDetection = raspManager.getBiometryDetection()

When biometry data aren’t enrolled, biometryDetection.biometricStatus has the value NONE_ENROLLED.

More information on general RASP feature configuration and usage can be found in this overview.

Last updated on Nov 21, 2023 (13:06) View product
Search

develop

Malwarelytics for Android