Demo app for testing the cordova-plugin-biometric-auth, which allows to authenticate users with biometrics or fallback PIN, pattern or password. Uses AndroidX and supports Android 5.0 onwards. Source code available in GitHub.

Android screenshots

: Main window

: Authenticators

: BiometricManager dialog

: KeyguardManager prompt

Browser screenshots

Methods

This is a summary of the demo app’s methods. Refer to plugin’s README for details

isAvailable

Checks if the user can authenticate with either biometrics, fallback PIN, pattern or password. Biometric requires at least one biometric sensor to be present, enrolled, and available on the device.

Android quirks

Not all combinations of authenticator types are supported prior to Android 11 (API 30). Specifically, DEVICE_CREDENTIAL alone is unsupported prior to API 30, and BIOMETRIC_STRONG | DEVICE_CREDENTIAL is unsupported on API 28-29.

Browser quirks

This filler platform always returns BIOMETRIC_SUCCESS and does not check nor use a real biometric device.

authenticate

Shows the biometric prompt or the fallback device credential dialog for authentication.

Android quirks

Browser quirks

Browser platforms shows a dialog to manually select either of these results and does not perform any actual biometric check:

AUTHENTICATION_FAILED
BIOMETRIC_DISMISSED
BIOMETRIC_SUCCESS

Remarks

Both isAvailable and authenticate methods will use the selected authenticators value from the drop-down list with one of these options:

AUTO (0): Calls the deprecated BiometricManager.canAuthenticate() method without arguments to check if the user can authenticate with biometrics. If the result is false, it checks for KeguardManager.isKeyguardSecure().
KEYGUARD_MANAGER (1): Calls the KeguardManager.isKeyguardSecure() method that is available since Android 5.0.
BIOMETRIC_STRONG (15)
BIOMETRIC_WEAK (255)
DEVICE_CREDENTIAL (32768)
BIOMETRIC_STRONG+DEVICE_CREDENTIAL (32783)
BIOMETRIC_WEAK+DEVICE_CREDENTIAL (33023)

The option AUTO (0) can be used to check for biometrics + device credentials as fallback with a single and reliable method. Recommended to check if you can use the PIN, pattern or password authentication when no biometrics are enrolled or supported. Android 5 supported.

The authenticator KEYGUARD_MANAGER (1) is a plugin-created value to directly check if you can use PIN, pattern, password or biometrics if enrolled. Can be used starting Android 5.

Whenever you use the KeyguardManager authenticator on Android 6 to 9 inclusive, the fallback PIN, pattern or password with optional biometrics screen will be shown as follows: