Samsung Devices OS 9.0 throw 'android.security.KeyStoreException: Key user not authenticated', when the "Preferred Biometric" is 'Face recognition'

We implemented new android.hardware.biometrics.BiometricPrompt replacing the existing android.hardware.fingerprint. The new Biometrics API works as expected until we have the 'Preferred Biometric' as 'Fingerprint'.

When we set the 'Preferred Biometric' as 'Face Recognition' & try to use the face recognition as the authentication mechanism for our application, we receive "java.security.SignatureException: android.security.KeyStoreException: Key user not authenticated" in onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult result).

This issue seems to be reproducible on Samsung devices with Android P. It works fine on Pixel devices with Android P (I believe currently Pixel devices don't provide support for Face Recognition for third-party applications).

    private BiometricPrompt.AuthenticationCallback getAuthenticationCallback() {
        // Callback passed to BiometricPrompt.authenticate(); the Signature inside the
        // CryptoObject is backed by an Android Keystore key.
        return new BiometricPrompt.AuthenticationCallback() {
            @Override
            public void onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult result) {
                Log.i(TAG, "onAuthenticationSucceeded");
                super.onAuthenticationSucceeded(result);
                Signature signature = result.getCryptoObject().getSignature();
                try {
                    // Exception is thrown when we try to update the Signature with our message.
                    signature.update(mToBeSignedMessage.getBytes());
                    String signatureString = Base64.encodeToString(signature.sign(), Base64.URL_SAFE);
                    Log.i(TAG, "Message: " + mToBeSignedMessage);
                    Log.i(TAG, "Signature (Base64 encoded): " + signatureString);
                    Toast.makeText(getApplicationContext(), mToBeSignedMessage + ":" + signatureString, Toast.LENGTH_SHORT).show();
                } catch (SignatureException e) {
                    // java.security.SignatureException: android.security.KeyStoreException: Key user not authenticated
                    Log.d(TAG, e.getLocalizedMessage());
                }
            }
        };
    }

Why am I getting the "KeyStoreException: Key user not authenticated" while trying to update the signature value ONLY when the "Preferred Biometric" is 'Face Recognition'?

Kohlrabi answered 8/2, 2019 at 19:4 Comment(7)
Possible duplicate of Error after Fingerprint touched on Samsung phones: android.security.KeyStoreException: Key user not authenticated - Odell
Also, 1 question per question please - these are 3 questions. - Odell
I restricted to 1 question, Thanks Martin. This question is different because the issue occurs ONLY when the "Preferred Biometric" is set as 'Face Recognition'. It works fine when it is 'Fingerprint'. - Kohlrabi
We have run into the same issue and so far have not found a solution. It is not a duplicate of the linked question as far as I can see. - Nakia
Having the same issue. Fingerprint & Iris work as expected. But when selecting face as the preferred biometric a security exception is thrown. Changing setUserAuthenticationRequired to false allows the flow to work which confirms this to be an issue with Samsung's face biometric implementation not unlocking the keystore. Anyone know how to open a bug with Samsung? All I could find was their developer forum. - Vories
Update - I did submit a "support request" on the Samsung Developers portal. Although I don't think that's the ideal place for it, it's the only place I could find. - Vories
Just left a comment for this question... which attempts to explain it. - Odell
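
The key setup and signing path this thread revolves around, as an added example that is not the poster's code: an authentication-bound Keystore key, the Signature that goes into the CryptoObject, and a signing step that treats the "Key user not authenticated" failure as a failed login. The class name AuthBoundSigner, the alias and the EC P-256 key type are assumptions.

```java
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProperties;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.ECGenParameterSpec;

/** Added example; class name and key alias are hypothetical. */
final class AuthBoundSigner {
    private static final String ALIAS = "example_auth_bound_key"; // constructed alias

    /** Generates an EC key that Keystore only lets sign after a user authentication. */
    static KeyPair createKey() throws GeneralSecurityException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance(
                KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore");
        kpg.initialize(new KeyGenParameterSpec.Builder(ALIAS, KeyProperties.PURPOSE_SIGN)
                .setDigests(KeyProperties.DIGEST_SHA256)
                .setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1"))
                // Keep this true: with false the key signs with no user check at all,
                // so a signature no longer proves that a biometric match happened.
                .setUserAuthenticationRequired(true)
                .build());
        return kpg.generateKeyPair();
    }

    /** Returns the Signature to wrap in BiometricPrompt.CryptoObject before authenticate(). */
    static Signature initSignature() throws GeneralSecurityException, IOException {
        KeyStore ks = KeyStore.getInstance("AndroidKeyStore");
        ks.load(null);
        Signature s = Signature.getInstance("SHA256withECDSA");
        // Throws KeyPermanentlyInvalidatedException (an InvalidKeyException) when the
        // key was invalidated, for example after a change to the enrolled biometrics.
        s.initSign((PrivateKey) ks.getKey(ALIAS, null));
        return s;
    }

    /** Call from onAuthenticationSucceeded; returns null when Keystore refuses the key. */
    static byte[] signOrNull(Signature s, String message) {
        try {
            s.update(message.getBytes(StandardCharsets.UTF_8));
            return s.sign();
        } catch (SignatureException e) {
            // "Key user not authenticated" arrives here. Fail closed: the caller must
            // treat null as a failed authentication and offer another unlock method.
            return null;
        }
    }
}
```

A server that verifies these signatures against the enrolled public key keeps its guarantee only while setUserAuthenticationRequired stays true on the device side.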
