-
Notifications
You must be signed in to change notification settings - Fork 0
Biometric Integration
alpha-1-design edited this page May 18, 2026
·
1 revision
BLACKBOX utilizes the Android androidx.biometric library, bridging the gap between native hardware and our web-based shell via a custom Capacitor plugin: ShieldBiometricPlugin.
The plugin uses BiometricPrompt to ensure compatibility with modern Android authentication requirements, supporting both "Strong" (fingerprint/iris) and "Weak" (facial recognition) authenticators depending on the hardware availability.
-
Availability Check: Upon initial PIN setup,
app.jstriggerswindow.ShieldBiometric.isAvailable(). - Opt-in: If hardware is supported, the user is prompted to register their biometric profile.
- Storage: The biometric secret is not stored by us; we simply register a secure prompt that, upon successful authentication, releases the master PIN from the device's secure enclave (via our Java implementation).
- Hardware-Backed: The authentication is processed by the Android system; BLACKBOX only receives a success/failure callback.
- Decoupled: The biometric flow is strictly for unlocking the UI. It does not replace the master PIN, ensuring that if biometric hardware fails or is removed, the master PIN remains the ultimate key.
If biometrics fail:
- Ensure the app has the
USE_BIOMETRICpermission inAndroidManifest.xml. - Verify that
ShieldBiometricPluginis correctly registered inMainActivity.java. - Check that the Android SDK version is at least 34 (as specified in
build.gradle).