binding/com.pingidentity.device.binding.authenticator/BiometricAuthenticatorConfig

BiometricAuthenticatorConfig

class BiometricAuthenticatorConfig

Configuration class for biometric authenticators that defines UI prompts, key generation, and hardware preferences.

This DSL-style configuration class provides comprehensive control over biometric authentication behavior, including user interface presentation, cryptographic key generation parameters, and hardware security preferences. The configuration follows a builder pattern allowing flexible customization while providing sensible defaults for most biometric authentication scenarios.

Key configuration areas:

  • UI Presentation: Customizable biometric prompt appearance and messaging

  • Key Generation: Hardware-backed cryptographic key parameters and specifications

  • Hardware Preferences: StrongBox support and security enclave utilization

  • Logging: Configurable logging for debugging and monitoring biometric operations

  • Biometric Management: Integration with Android BiometricManager APIs

Default configuration provides:

  • Standard logging through the SDK logger

  • Software-backed key generation (StrongBox disabled by default)

  • Empty prompt configuration (requires customization)

  • Default Android Keystore key generation parameters

  • Automatic BiometricManager initialization

Example usage:

val authenticator = BiometricOnlyAuthenticator {
    strongBoxPreferred = true

    promptInfo {
        setTitle("Authenticate with Biometric")
        setSubtitle("Use your fingerprint or face")
        setDescription("This verifies your identity for secure access")
        setNegativeButtonText("Cancel")
    }

    keyGenParameterSpec {
        setUserAuthenticationRequired(true)
        setUserAuthenticationValidityDurationSeconds(0) // Require auth for each use
        setInvalidatedByBiometricEnrollment(true)
    }

    logger = Logger.create("BiometricAuth")
}
Content copied to clipboard

Security considerations:

  • StrongBox provides highest security but limited device support

  • Key invalidation on biometric changes prevents unauthorized access

  • User authentication requirements ensure fresh biometric verification

  • Logging should be disabled or filtered in production builds

Hardware compatibility:

  • Requires Android 6.0+ (API 23) for basic biometric support

  • Android 9.0+ (API 28) recommended for BiometricPrompt APIs

  • StrongBox requires Android 9.0+ and compatible hardware

  • Biometric sensors (fingerprint, face, iris) must be available

Since

1.0.0

See also

Constructors

Link copied to clipboard
constructor()

Properties

Link copied to clipboard
val biometricManager: BiometricManager

BiometricManager instance for checking biometric authentication availability and capabilities.

Link copied to clipboard
var logger: Logger

Logger instance used for debugging and monitoring biometric authentication operations.

Link copied to clipboard
var strongBoxPreferred: Boolean

Indicates whether StrongBox hardware security module should be preferred for key storage.

Functions

Link copied to clipboard
fun keyGenParameterSpec(block: KeyGenParameterSpec.Builder.() -> Unit)

Configures cryptographic key generation parameters for biometric-protected keys.

Link copied to clipboard
fun promptInfo(block: BiometricPrompt.PromptInfo.Builder.() -> Unit)

Configures the biometric authentication prompt UI appearance and behavior.