Hi Guys,
Imagine I want to create an app that will use biometrics from the mobile phone.
I want to use the sensor in the way it registers multiple records in my app. From functional perspective it's like the registry - you log in to app, you have "your team" and you need to register their fingerprints.
Is BiometricPrompt API capable of doing it? Or it only serves to authenticate one user that the device belongs to?
If the answer is not in my favour, do you have any other ideas?
Related
HI
I'm searching for an app (or hack, or whatever) which allows me to do custom actions when there are too many incorrect unlocking attempts. For example, when 5 incorrect patterns are entered, get the location and send it to a remote web server. In my case, I would like to start Cerberus tracking, but that's not the main point.
Is there an app, or custom lock screen, or any security app that allows me to do this?
I am also looking for this. Have you got and idea on how to do it?
What’s your opinion about how Android Market describes its own permissions? Is Google damaging users and developers with descriptions like these?
DIRECTLY CALL PHONE NUMBERS
Allows the application to call phone numbers without your intervention. Malicious applications may cause unexpected calls on your phone bill. Note that this does not allow the application to call emergency numbers.
DISPLAY SYSTEM-LEVEL ALERTS
Allows an application to show system alert windows. Malicious applications can take over the entire screen.
RETRIEVE RUNNING APPLICATIONS
Allows application to retrieve information about currently and recently running tasks. May allow malicious applications to discover private information about other applications.
What do you think?
Questions or Problems Should Not Be Posted in the Development Forum
Please Post in the Correct Forums
Moving to Q&A
Hi,
I am thinking about using apps which can autologin to special services like skype or facebook. But I do not want to give others access to my accounts when my device is lost or stolen.
I searched for android apps which can force a password / pattern request when launching a specified app and found some. But how do they work? Do they encrypt the target application settings or do they just act as a fake-security layer before launching the app, allowing everyone to bypass it when extracting a nandroid backup for example?
Thanks for help
WongKit
My wife has a RAZR MAXX. Her company is transitioning their corporate email from Groupwise (I'm amazed they are still on it) to Google for Business.
They currently allow the use of BYOD for email access. She has been using Touchdown to access their Groupwise infrastructure. Before allowing access to the new email system, they are requiring the installation of Google's Device Policy App.
Is anyone here familiar with it? We're very interested in it's capabilities prior to allowing it on her phone. If we decide it's too intrusive, she will opt out of the email access.
I understand it has remote wipe, of email, or the entire system and that it can enforce a device lock timeout and PIN. Those are fairly standard.
What I'm more concerned with is the other capabilities that I've heard about. I've read where it can apparently use the camera to take pictures. It can also report on the phone's movements. Can anyone confirm this? And if so, is this something that the admins will have a console for that's supplied by Google, or is it something a third-party application is used for? Are there any indications of things such as this being activated remotely? Are there any ways to limit what it can do? Are there ways on the phone to determine what the specific active policy contains, and also receive notification if the policy was to change?
Any other info regarding this would be very much appreciated.
Thanks.
I don't have a lot of answers for you, and would actually like answers to a lot of the same questions.
What I do have to offer is that my school Exchange server requires me to grant it similar access. I've never had an issue related to it. It is a bit unnerving to connect to the email server for the first time and allow it to wipe the device, take photos, activate location services...
How they make use of this access? I'm not sure.
Personally, I've never heard anything about it other than the initial granting of access, and to my knowledge they have never made use of the privileges. So if they have used it, there have been no alerts to it, but I strongly doubt they have.
But at any rate, when I accepted the policy it very specifically outlined what it requests, and allows you to accept or deny. At least in the implementation I used.
Hello everyone,
I am looking forward on using the Face-Unlock feature to not have to manually write all my different 27 digit password for banking, keepass,...
How ever, I really wonder how all this works and how this is still secure. For example "KeePass":
- I have a Keepass database with a master password for the database
- No one except me knows what password and it isn't saved or written down anywhere else
- Currently I enter the password, KeePass will test if it is the correct input for decryption, and if so, it will decrypt.
This is the point where I would want to use Face-Unlock in the feature.
So does my KeePass database then have two password (1x master password and 1x my facial scan)?
Or will I will to tell "Android" my master password for all my apps and it will store it somewhere in Android and simply "pass it on" to KeePass if the Face-Unlock is verfied?
I am asking because I do not want any app or system or whatever to save my master password as this might cause security risks that no one can really evalute.
Also I wouldn't want to add a second unlocking feature to my KeePass databe (the facial scan). Because it might be less secure than my master password and there for weaken the encryption of my database?
Thanks in advance!