Biometric Signatures on Android
BiometricSignatureData
is “real-world information” that can be attached to a digital signature. This information includes things like whether or not the signature was created with a stylus, the size of the signee’s finger, and the timing and pressure information that was collected while writing the signature. Ultimately, this data can be used to create solutions that provide a higher grade of security than traditional digital signatures do. A digital signature can only contain biometric data if an ink signature was used to create it.
Creating Biometric Data
You can create a BiometricSignatureData
instance using its Builder
. All values of the biometric data are optional and can be left out. Once created, the BiometricSignatureData
is immutable:
val biometricData = BiometricSignatureData.Builder() .setInputMethod(BiometricSignatureData.InputMethod.FINGER) .setPressurePoints(listOf(0.4f, 0.1f, 0.94f, 0.6f)) .build()
final BiometricSignatureData biometricData = new BiometricSignatureData.Builder() .setInputMethod(BiometricSignatureData.InputMethod.FINGER) .setPressurePoints(Arrays.asList(new Float[]{ 0.4f, 0.1f, 0.94f, 0.6f })) .build();
BiometricSignatureData
is aParcelable
; this allows it to be passed around activities or saved to your instance state.
Collecting Biometric Data
When a user creates a Signature
using the SignaturePickerFragment
, the signature will also hold BiometricSignatureData
that was collected during the creation of the signature. You can retrieve this data using signature.getBiometricData()
:
// Retrieve the biometric data that was collected during signature creation. val biometricData = signature.biometricData
// Retrieve the biometric data that was collected during signature creation. final BiometricSignatureData biometricData = signature.getBiometricData();
Digitally Signing with Biometric Data
To add biometric data to a digital signature, pass it to your SignerOptions
during the signing process. The SigningManager
will automatically verify the biometric data and attach it to the signature:
val biometricData = signature.biometricData // Pass in `BiometricSignatureData` as an extra argument. val signerOptions = SignerOptions.Builder(signatureFormField, outputFileUri) .setPrivateKey(key) .setSignatureMetadata(DigitalSignatureMetadata(biometricData = biometricData)) .build() SigningManager.signDocument( context = context, signerOptions = signerOptions, type = digitalSignatureType, onFailure = { // Handle signing errors here. } ) { // The document was successfully signed! val signedDocument = Uri.fromFile(outputFile) }