4

I have an app that allows users to login using fingerprint authentication. The feature has been in production for a couple of months, but in the last day I started seeing many of these exceptions:

java.lang.SecurityException: Must have android.permission.USE_FINGERPRINT permission.: Neither user ##### nor current process has android.permission.USE_FINGERPRINT.

The crash occurs when I call fingerprintManager.isHardwareDetected() to check whether or not the device supports fingerprint authentication. I have the USE_FINGERPRINT permission declared in the manifest, so I don't know why the system would think that the process does not have this permission. This should not be something that I have to check at run time since USE_FINGERPRINT is a normal permission.

This has been working fine for months, and when it started crashing yesterday, we had been on a stable release for about a month. This problem sounds almost identical to this FingerprintManager.isHardwareDetected() throwing java.lang.SecurityException?. I am only seeing the crash on Oreo devices.

My current plan is to catch the Security Exception and proceed as if the device did not have the hardware, but my worry is that this might mean that no one is able to use the feature for login if this problem persists. Has anyone else had a recent issue with this exception? Or if not, does anyone have any ideas about why this might have just started happening all of a sudden like this? Thanks for the help!

etrado
  • 121
  • 8

1 Answers1

0

Use the FingerprintManagerCompat instead, that was handling permissions correctly for me.

See: https://developer.android.com/reference/android/support/v4/hardware/fingerprint/FingerprintManagerCompat

Additionally you might want to declare the permissions in your Android Manifest:

<!-- Fingerprint -->
    <uses-permission-sdk-23 android:name="android.permission.USE_FINGERPRINT" />

Note that I used uses-permission-sdk-23, since I found that FingerprintManager doesn't work reliable in older versions of Android, I know there are some Samsung Galaxy devices with fingerprint reader, but before API 23 you were granting permissions at installation time; that depends more on your market. Try it and see if it makes a difference for your users.

See: https://developer.android.com/guide/topics/manifest/uses-permission-sdk-23-element

moxi
  • 1,390
  • 20
  • 21
  • 1
    Thanks! I will give FingerprintManagerCompat a try. I still wish I understood why it is just becoming a problem now after it was sitting in production for so long. Guess it is probably just some android bug. I do have that permission listed in the manifest too (without the sdk-23 part), but I was doing an sdk check for 23 and above in code before deciding whether or not to allow fingerprint use (which meant only M and above devices were getting to the isHardwareDetected check). – etrado Aug 01 '18 at 16:36
  • 1
    FingerprintManagerCompat is now deprocated – Rohit Singh May 04 '22 at 19:35