soter

Project Url: Tencent/soter
Introduction: A secure and quick biometric authentication standard and platform in Android held by Tencent.
More: Author   ReportBugs   
Tags:

license Release Version

WeChat Approved PRs Welcome

For English version, please click here.

TENCENT SOTER 简介

TENCENT SOTER 是腾讯于 2015 年开始制定的生物认证平台与标准,通过与厂商合作,目前已经在一百余款、数亿部 Android 设备上得到支持,并且这个数字还在快速增长。

目前,TENCENT SOTER 已经在微信指纹支付、微信公众号/小程序指纹授权接口等场景使用,并得到了验证。

接入 TENCENT SOTER,你可以在不获取用户指纹图案的前提下,在 Android 设备上实现可信的指纹认证,获得与微信指纹支付一致的安全快捷认证体验。

SoterFramework

快速接入

可以在几行代码之内快速体验 TENCENT SOTER 完成指纹授权接口。

在使用之前,请确保所使用的测试机在支持机型列表中。

添加 gradle 依赖

在项目的build.gradle中,添加 TENCENT SOTER 依赖

dependencies {
    ...
    compile 'com.tencent.soter:soter-wrapper:1.3.10'
    ...
}

声明权限

AndroidManifest.xml中添加使用指纹权限

<uses-permission android:name="android.permission.USE_FINGERPRINT"/>

初始化

初始化过程整个应用声明周期内只需要进行一次,用于生成基本配置和检查设备支持情况。你可以选择在Application的 onCreate()中,或者在使用 TENCENT SOTER 之前进行初始化。

InitializeParam param = new InitializeParam.InitializeParamBuilder()
.setScenes(0) // 场景值常量,后续使用该常量进行密钥生成或指纹认证
.build();
SoterWrapperApi.init(context, 
new SoterProcessCallback<SoterProcessNoExtResult>() {...}, 
param);

准备密钥

需要在使用指纹认证之前生成相关密钥

SoterWrapperApi.prepareAuthKey(new SoterProcessCallback<SoterProcessKeyPreparationResult>() {...},false, true, 0, null, null);

进行指纹认证

密钥生成完毕之后,可以使用封装接口调用指纹传感器进行认证。

AuthenticationParam param = new AuthenticationParam.AuthenticationParamBuilder()
                                    .setScene(0)
                                    .setContext(MainActivity.this)
                                    .setFingerprintCanceller(mSoterFingerprintCanceller)
                                    .setPrefilledChallenge("test challenge")
                                    .setSoterFingerprintStateCallback(new SoterFingerprintStateCallback() {...}).build();
SoterWrapperApi.requestAuthorizeAndSign(new SoterProcessCallback<SoterProcessAuthenticationResult>() {...}, param);

释放

当你不再使用 TENCENT SOTER 时,可以选择释放所有资源,用于停止所有生成、上传任务以及支持状态等。释放之后再次使用时,需要重新进行初始化。 实际上,TENCENT SOTER 本身不会占据过多资源,只需要在确认不会再次使用的前提下(如切换账户之前)释放一次即可。

SoterWrapperApi.release();

更多文档

  • 想了解 TENCENT SOTER 更多信息与原理?看这里

  • 想要更高的安全性,用于登录甚至支付场景中?看这里

联系我们

如有相关问题,可以在issues中提问。

为了方便大家交流,也可以加入下面的 QQ 群,讨论相关技术问题:

qqgroup_qrcode

贡献代码

我们欢迎开发者贡献代码丰富 TENCENT SOTER 应用,请参考这个文档

协议

TENCENT SOTER 基于 BSD 协议。请参考协议文档

A Quick Look at TENCENT SOTER

TENCENT SOTER is a biometric standard as well as a platform held by Tencent.

There are more than 100 models, hundreds of millions Android devices supporting TENCENT SOTER, and the number is still increasing fast.

TENCENT SOTER has been already used in scenarios like WeChat fingerprint payment, fingerprint authentication in Official Account Webpages and Mini Programs.

You can get a consistent experience in fingerprint authenticating in your application, like what it is like in WeChat Payment, by getting access to TENCENT SOTER.

SoterFramework

Quick Start

You can get access to TENCENT SOTER in few lines of code to quick experience.

You should make sure your device for testing is in support list.

Add Gradle Dependency

Add TENCENT SOTER dependency in your project's build.gradle

dependencies {
    ...
    compile 'com.tencent.soter:soter-wrapper:1.3.10'
    ...
}

Declare Permission

Add fingerprint permission declaration in AndroidManifest.xml

<uses-permission android:name="android.permission.USE_FINGERPRINT"/>

Initialize

You need to initialize only once in application's lifecycle. You can either do it in Application's onCreate(), or anywhere before you need to use TENCENT SOTER.

InitializeParam param = new InitializeParam.InitializeParamBuilder()
.setScenes(0) // The senary constant for business index
.build();
SoterWrapperApi.init(context, 
new SoterProcessCallback<SoterProcessNoExtResult>() {...}, 
param);

Prepare Keys

You need to prepare keys before authentication process.

SoterWrapperApi.prepareAuthKey(new SoterProcessCallback<SoterProcessKeyPreparationResult>() {...},false, true, 0, null, null);

Authenticate With Fingerprint

You can use wrapped interface to authenticate when fingerprint.

AuthenticationParam param = new AuthenticationParam.AuthenticationParamBuilder()
                                    .setScene(0)
                                    .setContext(MainActivity.this)
                                    .setFingerprintCanceller(mSoterFingerprintCanceller)
                                    .setPrefilledChallenge("test challenge")
                                    .setSoterFingerprintStateCallback(new SoterFingerprintStateCallback() {...}).build();
SoterWrapperApi.requestAuthorizeAndSign(new SoterProcessCallback<SoterProcessAuthenticationResult>() {...}, param);

Release

You can release all the resource when you do not use TENCENT SOTER again by calling release. It will abort on-going tasks and remove support status. TENCENT SOTER will not occupy too much room actually. You can only do it when you confirm that you did not need to use it, like switch an account.

SoterWrapperApi.release();

More Document

  • Want to know more about TENCENT SOTER's mechanism? Check this.
  • Want to use TENCENT SOTER in more sensitive business scenarios like login, or even payment? Check this.

Contact Us

You can add your comments in issues if you have any question.

You can also join in the following QQ Group for more convenient discussing:

qqgroup_qrcode

Contributing

For more information about contributing issues or pull requests, check our CONTRIBUTING document.

License

TENCENT SOTER is based on BSD license. Please check our LICENSE document.

Android 开发经验分享
随手点击下面广告支持本站吧
 
Android 开发经验分享