Biometric/Pin
Cotter's Android SDK helps you easily add a Biometric prompt or PIN fallback to your app. This is useful for protecting transactions or sensitive information like medical records.
There are major updates planned for this feature. Contact us in Slack so we can help you prepare for it.
Overview
Enabling PIN and Biometric using Cotter's Android SDK consists of:
Initializing Cotter
Calling functions to start Pin Enrollment and Biometric Enrollment
Verifying Biometric or PIN before a transaction
Enabling and disabling Biometric or PIN in Settings
What you're building
Steps
Set allowed Authentication Methods in the Dashboard
Initialize Cotter in your Main Activity
Enroll Biometrics and PIN: PIN is recommended as a fallback method
Verify Biometrics before a transaction
Step 1: Import Cotter as a dependency
Add the JitPack repository to your project-level build.gradle at the end of repositories.
Add Cotter's SDK as a dependency in your app-level build.gradle.
Check the latest version here https://github.com/cotterapp/android-sdk/releases.
Then sync your gradle files.
Step 2: Setting Authentication Methods
You need to set allowed methods for authenticating your users. To allow PIN and BIOMETRIC, go to https://dev.cotter.app/rules
Remember to set the correct Project in the dropdown list.
Step 3: Creating a User
1. Registering a User
Your server should make this request to Cotter's server during registration.
Check out the Create a User API Reference for the full description.
2. Get user data
To retrieve a user's data:
Check out the Get User API Reference for the full description.
Step 4: Initialize Cotter
You can now use the SDK to enroll and verify Biometric and PIN for the user you just created.
Initialize
In your MainActivity, initialize Cotter with API keys, Cotter's URL to use (prod/test), and your User ID.
Production Endpoint: https://www.cotter.app/api/v0
Example:
Step 5: Enroll Biometric and PIN
To enroll both Biometric and PIN, start the PinEnrollment flow in your Activity, and pass in the Callback Screen and the Event Tag. The Event Tag is used for your own logging. For example, a PIN enrollment event can be called "PIN_ENROLLMENT_ANDROID" to tag a PIN enrollment event from an Android device.
Example:
What PinEnrollment looks like
After entering the PIN, the user will automatically be prompted to enroll Biometrics if the device supports it. Entering a PIN is required as a fallback method.
Step 6: Verify Biometrics on Transactions
The PinVerification flow will automatically prompt for Biometric Verification if the user's device has an enrolled biometric; otherwise, it will fall back to entering the PIN. Starting the PinVerification flow is exactly the same as starting the PinEnrollment flow.
In the verification page, there is a button called Forgot PIN. This is used to send a verification code to allow the user to reset their PIN.
setOnResetPin is used to set a callback function that will be called to reset the PIN. You need to provide a function that follows the PinResetInterface. This function should call your server to initiate the PIN reset request.
When your onResetPin function is called, it should call your server, and your server needs to do the following:
Based on the currently logged-in user, find out the user's email and name
Call Cotter's Reset PIN API to send the PIN reset code
Receive the response from Cotter, which contains the fields success, challenge_id, challenge
Call the callback.onSuccess with a JSONObject containing the following JSON object:
Example:
Reset PIN functionality is an update that is available starting from version 0.4.5
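The server side of the reset flow above, as an added example that is not Cotter's code: the handler takes the user's identity from the authenticated session, never from the request body, and returns only the three response fields this page names. `handle_reset_pin`, `send_reset_code`, the two stores and all sample values are assumptions; the real Reset PIN request parameters are in Cotter's API reference.

```python
from dataclasses import dataclass
from typing import Callable, Mapping


# Constructed sample data standing in for your own user and session stores.
@dataclass(frozen=True)
class User:
    name: str
    email: str


USERS = {"u-1001": User("Alice Example", "alice@example.com")}
SESSIONS = {"sess-abc": "u-1001"}  # session token -> user id

# Fields the page lists in Cotter's Reset PIN response.
RESPONSE_FIELDS = ("success", "challenge_id", "challenge")


class ResetPinError(Exception):
    """Raised when the reset request cannot be honoured."""


def handle_reset_pin(session_token: str, body: Mapping[str, object],
                     send_reset_code: Callable[[str, str], Mapping[str, object]]) -> dict:
    """Server endpoint your onResetPin callback would call (hypothetical).

    send_reset_code(name, email) is an assumed wrapper around Cotter's
    Reset PIN API; its real parameters are in Cotter's API reference.
    """
    user_id = SESSIONS.get(session_token)
    if user_id is None:
        raise ResetPinError("not authenticated")
    user = USERS[user_id]

    # Identity comes from the session only. Anything in `body` that names a
    # user or an email is ignored, so a caller cannot redirect the code.
    response = send_reset_code(user.name, user.email)

    missing = [f for f in RESPONSE_FIELDS if f not in response]
    if missing:
        raise ResetPinError(f"reset response missing fields: {missing}")
    if response["success"] is not True:
        raise ResetPinError("reset code was not sent")

    # Return only the documented fields to the app.
    return {f: response[f] for f in RESPONSE_FIELDS}
```
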
🎉 You're done!