Fingerprint in WinDev mobile
skeita24
-
[Dal] Posted messages 6205 Registration date Status Contributeur Last intervention -
[Dal] Posted messages 6205 Registration date Status Contributeur Last intervention -
Hi! I'm a beginner in WinDev Mobile. I would like to know if it's possible to capture and store a person's fingerprint from a smartphone into a database in WinDev Mobile. If not, are there other solutions?
1 réponse
Hello skeita24,
I don’t use WinDev, but that should be impossible.
On Android, biometric data representing the fingerprint and raw fingerprint data are stored and managed only in a Trusted Execution Environment (TEE) attached to the hardware capable of reading the fingerprint on the phone, including the fingerprint sensor and its driver.
"Raw fingerprint data or derivatives (for example, templates) must never be accessible from outside the sensor driver or TEE. If the hardware supports a TEE, hardware access must be limited to the TEE and protected by an SELinux policy. The Serial Peripheral Interface (SPI) channel must be accessible only to the TEE and there must be an explicit SELinux policy on all device files."
https://source.android.com/security/authentication/fingerprint-hal.html#implementation
I don’t have the source at hand for iPhone, but I’m sure the design must be similar at Apple.
If it worked differently, it would mean that this sensitive data (biometric data that identifies and authenticates a person's action) would be at the mercy of malicious applications.
Dal
I don’t use WinDev, but that should be impossible.
On Android, biometric data representing the fingerprint and raw fingerprint data are stored and managed only in a Trusted Execution Environment (TEE) attached to the hardware capable of reading the fingerprint on the phone, including the fingerprint sensor and its driver.
"Raw fingerprint data or derivatives (for example, templates) must never be accessible from outside the sensor driver or TEE. If the hardware supports a TEE, hardware access must be limited to the TEE and protected by an SELinux policy. The Serial Peripheral Interface (SPI) channel must be accessible only to the TEE and there must be an explicit SELinux policy on all device files."
https://source.android.com/security/authentication/fingerprint-hal.html#implementation
I don’t have the source at hand for iPhone, but I’m sure the design must be similar at Apple.
If it worked differently, it would mean that this sensitive data (biometric data that identifies and authenticates a person's action) would be at the mercy of malicious applications.
Dal