The Motorola ATRIX 4G is one of the exciting new dual-core Android smartphones to hit the market this year. One of its most compelling security features is its first-of-its-kind fingerprint reader or scanner. The fingerprint scanner is located on the back of the device, enabling users to unlock their devices at the swipe of a finger as opposed to entering cumbersome numeric codes or passwords.
This past month, Motorola and AuthenTec have released several free SDKs which allow developers to incorporate fingerprint scanning features directly into Android applications. In this article, we’ll discuss how to get up and running developing for this exciting device and using these new SDKs.
What You’ll Need for This Tutorial
There are a number of prerequisites for this tutorial. You will need to be familiar with the Android development environment. We assume you have a computer set up to develop Android applications, with the appropriate IDE (such as Eclipse) and the Android SDK (Gingerbread, Android 2.3.4+) installed for development purposes. You will also need a Motorola ATRIX 4G device. You cannot use the emulator to complete this tutorial.
For your SDK, there are two available–one for light integration and one for full integration–using the fingerprint reader.
- The Mobile SDK for Android provides lightweight fingerprint support, allowing an Android application to determine if the fingerprint reader is configured properly. Your applications can prompt the user to see if their fingerprint matches the fingerprint on file or enter their pin code. No API keys are necessary to use this SDK.
- The Advanced Mobile SDK for Android provides full fingerprint support, allowing developers to create a unique trust relationship between the user and the application through the use of a secret. Use of this API requires you to become a registered developer with AuthenTec and apply for a special API key for use with your application. It’s still free, but there’s a review and approval process you must follow to use this SDK.
For the purposes of this beginning tutorial, we will focus on verifying the user’s identity matches that of the preconfigured device “owner.” That is, the user who can unlock the phone with a swipe of their finger. This will simply require the Mobile SDK for Android.
Setting Up Fingerprint-Reading Support for Your Android Application
To enable fingerprint verification within your application requires a number of steps. You will need to:
- Be developing an existing Android application. Identify the areas within your application that should only be accessible after verifying the user’s identity and determine the appropriate code points to drop the fingerprint verification prompt code in to. For the purposes of this tutorial, we created a simple application with two screens. The first screen has a button to trigger an identity check. The second screen is only displayed if the identity is verified.
- Register as a developer at the AuthenTec website.
- Download the Mobile SDK for Android.
- Integrate the SDK into your application project in Eclipse.
- Start using the SDK, adding the appropriate prompts in your app.
- Test on a Motorola ATRIX 4G device that has fingerprint scanning configured properly.
Now let’s look at these steps in more detail. We assume you have an existing application that you wish to integrate fingerprint reader support into. However, we have also provided a very simple sample project to illustrate some of the types of statistics that can be easily generated by an Android application. The sample code that accompanies this tutorial is available online in open source form. The code listings you find here are part of this sample project, called CheckPoint.
Register for an AuthenTec Developer Account
The first thing you need to do to get started is to register for a developer account at the AuthenTec developer website. Click the Join Now button and fill out the new account form. It will ask you for your contact information, and prompt you to create a username and password. You must also agree to their terms of service. Once you’ve completed the registration form, AuthenTec will email you to verify your registration. Check your email, click on the registration verification link, and supply your password. You will then be granted access to the AuthenTec developer program webpage, where you can download the SDKs, read the SDK documentation and access the developer community forums. You can also apply for the Advanced Mobile SDK for Android at this time.
Download the Mobile SDK for Android
From the AuthenTec developer program webpage, you can download the Mobile SDK for Android. It comes as a zip file. Extract the zip. Inside you will find:
- A Readme File
- The tsm.jar file, which is the Mobile SDK for Android JAR file which must be included in your project
- A sample application called TSMVerify (source) as well as an APK directory with the TSMVerify package for review
- A Documents directory containing a PDF entitled “AuthenTec Simple SDK for Android Programmers Manual”
/libs directory within your Android project and save the tsm.jar file within that directory.
Integrate the Mobile SDK for Android into Your Android Project
Next, you need to integrate the SDK into your existing Android project. We’re going to assume you’re using the popular Eclipse development environment, although using other IDEs should involve very similar steps. To integrate the SDK into your project, you must add the tsm.jar to your project.
Adding the JAR file to your project within Eclipse is easy. Simply follow these steps:
- Click on the Project properties for your Android project.
- Under the Java Build Path settings, select the Libraries tab.
- Click the Add JARs… button and choose the JAR within the
The tsm.jar file should then appear within the Referenced Libraries section of your project files.
Start Using Mobile SDK for Android Features
You’re now ready to start using the Mobile SDK for Android to verify your user’s identity.
The methods you’re interested in are part of the com.authentec.tsm package. Specifically, you want to use the TSM.LAP class methods to check if fingerprints are enrolled in the fingerprint database (that is, that fingerprint scanning is enabled on the device), and then if that’s the case you’ll want to prompt the user to swipe and verify their identity (or enter their associated numeric pin).
The methods available within this class are all blocking operations. That means you should not call these methods on the UI thread, but instead use asynchronous means such as AsyncTask or threading for each of these method calls.
Check for Fingerprint Enrollment Prior to Verifying the User’s Identity
The following method call checks to see if any fingerprints are enrolled in the fingerprint database on the device. You will always want to check this method before trying to verify the user’s identity using the fingerprint reading SDK.
int iMap = com.authentec.tsm.TSM.LAP(CheckPointActivity.this).GetMap().exec();
Here we are assuming that this method is being called within the CheckPointActivity class. This method has three possible return values:
- A return value of
-1indicates an error.
- A return value of
0indicates that no fingerprints are registered in the database, so you probably don’t want to continue using the SDK.
- Any other return value indicates a bit map flag where the first bit
b0signifies whether the database contains a record for the left pinky fingerprint,
b1corresponds to the left ring fingerprint, and so on, ending with
b9, which represents the right pinky fingerprint.
This is a blocking call that should be called off the main thread of your application, so that it remains responsive. See the sample source code provided with this tutorial for an example of how to do this, if you are unfamiliar with asynchronous operations on the Android platform. The following figure shows the sort of application screen flow you might use if you find that no fingerprints are enrolled in the database.
Prompting the User to Verify Their Identity
Once you know that the fingerprint database contains fingerprints, you can prompt the user to swipe their finger (or enter their associated pin code). The following method does just that.
int iResult = com.authentec.tsm.TSM.LAP(CheckPointActivity.this) .verify().viaGfxScreen("lap-verify") .exec();
Here we are assuming that this method is being called within the CheckPointActivity class. This method has two possible return values:
- A return value of
0indicates that the user has been verified successfully.
- Any other return value indicates that the user has not been verified successfully or there was an error. See the “AuthenTec Simple SDK for Android Programmers Manual” for a complete set of errors.
This is a blocking call that should be called off the main thread of your application, so that it remains responsive. See the sample source code provided with this tutorial for an example of how to do this, if you are unfamiliar with asynchronous operations on the Android platform. The following figure shows the sort of application screen flow you might use if you verify the user’s identity successfully.
This concludes your brief tutorial on how to incorporate fingerprint reading technology into your Android applications using the Motorola ATRIX 4G. The Mobile SDK for Android is an effective way to provide simple user authentication checks within your Android applications. Should you need more sophisticated fingerprint reading functionality, you can register for and use the Advanced Mobile SDK for Android, also available through AuthenTec and Motorola’s developer programs. Let us know about the exciting apps you’re developing which use the fingerprint reader!
About the Authors
|Shane Conder and Lauren Darcey—Contributing Editors, Mobile Development–have coauthored two books on Android development: an in-depth programming book entitled Android Wireless Application Development (ISBN-13: 978-0-321-62709-4) and Sams Teach Yourself Android Application Development in 24 Hours (ISBN-13: 978-0-321-67335-0). When not writing, they spend their time developing mobile software at their company and providing consulting services.|