How to write a robust fingerprint device driver for Android M...

Toggle sidebar Toggle sidebar
J

JeanPierrePoulin

New member
Dec 14, 2015
3
0
0
Hello Android developers!

Our company is attempting to integrate our biometric fingerprint sensor into the Android fingerprint API recently introduced with Android Marshmallow.

Documentation and code samples have thus far done a great job of explaining how to code Java user applications to leverage the fingerprint API, but little has been found on how to properly write a C fingerprint hardware driver that can be consumed by the above-mentioned app-layer fingerprint API in Java.

Studying the fingerprint API codebase, I see that that lowest visible level of the fingerprint API (implemented by modules/libhardware/fingerprint/fingerprint.c) appears a viable place to insert the low-level code we need to interface with our hardware. Some questions remain however...

Q1: We want to implement a secure device driver compatible from Android's trusted-computing architecture. Is code we add to fingerprint.c running in the trusted zone? (i.e. unhackable)

Q2: Given the secure nature of a fingerprint driver, does our company need to develop a relationship with Google for us to obtain the resources we need to write a secure/unhackable fingerprint driver?

Q3: Does a reference hardware driver or documentation exist to guide fingerprint hardware manufacturers write better drivers?

Thank you very much for your advice!

Jean-Pierre
 
Welcome to the forums. :)

This might get a better response in our Android Developers forum. I'll mention it to the Moderators. They will decide. :)
 
You might consider reaching out to Google for suggestions. If you're wanting to build hardware and its associated software to interface with their OS and fingerprint API, it would be in their interest to see that it works well.

Related to your question 2, if you want the resources to do this, it would only make sense you would need to develop a relationship with Google. If you didn't need to have a relationship with Google in order to gather those resources, how secure could it REALLY be?
 
Hi hallux, thanks for taking the time.

Indeed given the nature of fingerprint drivers needing to be totally secure it is reasonable that some undocumented procedure would have to be followed in order for the driver to fully run in the trusted space appropriate for the driver. Like the documentation mentions about SPI is a good example... needing SPI communication to be handled by SELinux appears to be a challenge we don't know how to resolve yet.

Do you have a recommended way to approach the right people at Google to assist with this fingerprint driver effort?

Thank you very much! :)
 
You must log in or register to reply here.

Similar threads

C
Call recorder best application
Replies
0
Views
14K
Android Apps
Callrecorder
C
EnthalpiousKitten
  • Sticky
How to fix legacy apps to display correctly on Android 13
Replies
5
Views
7K
Android 13
B. Diddy
B. Diddy
A
  • Question Question
Question Tired of phablets - where and how to find a small(est) Android phone?
Replies
6
Views
982
Ask a Question
Anders A
A
W
Google calendar crashes
Replies
8
Views
4K
Android Apps
B. Diddy
B. Diddy
Dark Penguin
This old S8...Is it worth the trouble to root it and flash a custom ROM? Would I be able to get another Android version update or two?
Replies
5
Views
8K
Samsung Galaxy S8 & S8+
mustang7757
mustang7757

Latest posts

Trending Posts

Members online

Total: 5,158 (members: 14, guests: 5,144)

Forum statistics

Threads
956,569
Messages
6,968,866
Members
3,163,566
Latest member
SmoothieP

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom