Biometric signatures on Android
BiometricSignatureData is “real-world information” that can be attached to a digital signature. This information includes things like whether or not the signature was created with a stylus, the size of the signee’s finger, and the timing and pressure information that was collected while writing the signature. Ultimately, this data can be used to create solutions that provide a higher grade of security than traditional digital signatures do. A digital signature can only contain biometric data if an ink signature was used to create it.
Creating biometric data
You can create a BiometricSignatureData data class instance with its constructor. All values of the biometric data are optional and can be left out. Once created, the BiometricSignatureData is immutable:
val biometricData = BiometricSignatureData.Builder() .setInputMethod(BiometricSignatureData.InputMethod.FINGER) .setPressurePoints(listOf(0.4f, 0.1f, 0.94f, 0.6f)) .build()final BiometricSignatureData biometricData = new BiometricSignatureData.Builder() .setInputMethod(BiometricSignatureData.InputMethod.FINGER) .setPressurePoints(Arrays.asList(new Float[]{ 0.4f, 0.1f, 0.94f, 0.6f })) .build();BiometricSignatureData is a Parcelable(opens in a new tab); this allows it to be passed around activities or saved to your instance state.
Collecting biometric data
When a user creates a Signature using the SignaturePickerFragment, the signature will also hold BiometricSignatureData that was collected during the creation of the signature. Retrieve this data using signature.getBiometricData():
// Retrieve the biometric data that was collected during signature creation.val biometricData = signature.biometricData// Retrieve the biometric data that was collected during signature creation.final BiometricSignatureData biometricData = signature.getBiometricData();Digitally signing with biometric data
To add biometric data to a digital signature, pass it to your SignerOptions during the signing process. The SigningManager will automatically verify the biometric data and attach it to the signature:
val biometricData = signature.biometricData// Pass in `BiometricSignatureData` as an extra argument.val signerOptions = SignerOptions.Builder(signatureFormField, outputFileUri) .setPrivateKey(key) .setSignatureMetadata(DigitalSignatureMetadata(biometricData = biometricData)) .build()
SigningManager.signDocument( context = context, signerOptions = signerOptions, type = digitalSignatureType, onFailure = { // Handle signing errors here. } ) { // The document was successfully signed! val signedDocument = Uri.fromFile(outputFile) }