Home > Mobile >  How to identify user on the flutter app using biometric authentication
How to identify user on the flutter app using biometric authentication

Time:07-13

I have implemented biometric authentication in a Flutter app for login purposes. Now I want to uniquely identify each user to be able to retrieve their data from the database. For example, if the user would have logged in using a unique username previously stored in DB, then that particular username would have been used. But now I am not storing any data in external DB but comparing the fingerprint pattern with the one locally stored. Any suggestions on how should I proceed, please?

CodePudding user response:

The main point is, that you cannot read a user's fingerprint from the smartphone's scanner because it is saved in the smartphone's secure storage which is isolated, which means that you cannot save it in any database.

Now assuming, that is not the case and you are enrolling the fingerprints via an external fingerprint reader (as you might have seen in several places including ATMs, banks, government offices, etc.), which means that you probably have an image of the fingerprint in form of a byte array/list, which you can save in the database and verify every time a user comes into your app and scans the fingerprint (using an external scanner). But this is not a reliable method because I believe it would not work efficiently unless the thumb/finger is placed in exactly the same place and exactly the same way as it were while enrolling. Another way of saving this fingerprint in your database is by extracting the template of your fingerprint (scanned via an external scanner) using some open-source algorithm which would give you a hash that only takes care of the distinctive features of a fingerprint and you can save that hash into your database and do the same thing for the authenticating fingerprint to get the hash and compare it with the one in the database.

For reference to the distinctive features, look at this: An Answer on Quora about how fingerprints are changed into templates and about those distinctive features I talked about

And as this answer suggests, there is a possibility that your external scanner might already change the fingerprint to a template and then to the hash which you can save: Your scanner might return the hash directly

This one also explains the enrollment and verification cycle: Enrollment and Verification cycle and what these steps include

Or You may also refer to this video that shows everything that I talked about (and No this is not my video and I am adding it here just to clarify everything that I just said. ): A video showing a demo related to what I just said

  • Related