Encrypt app DB with fingerprint scanner #172
Comments
Well, it wouldn't encrypt the database (but frankly, that's not important, because Android separates the data of different apps very well and you can't access it with root access or manual exporting anyway) but a fingerprint unlock feature would be fine, yeah. This issue seems very similar to #62 but a fingerprint is slightly different from a password so I'm leaving both open.
This feature would indeed be useful, but unfortunately I'm not a coder. So this is just a thought, and I don't know if this is usable at all, but... Would it be possible to reuse some code from Aegis, which has a feature to lock/open the database with password & fingerprint?
You could use the User Authentication feature of the Keystore to encrypt the database and make it basically very hard (if not impossible) to decrypt it without the fingerprint (or the password). (See also: https://developer.android.com/training/sign-in/biometric-auth#crypto)
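The Keystore approach mentioned in the comment above, as an added example that is not part of the thread or of Catima's code: an AES key in the Android Keystore that only works after user authentication wraps a database key. The class name, key alias and wrapped-key storage are assumptions for illustration.

```java
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.security.keystore.KeyProperties;
import androidx.biometric.BiometricPrompt;
import java.security.KeyStore;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

/** Hypothetical helper (not from Catima): gates a wrapped DB key behind biometrics. */
final class DbKeyGate {
    private static final String STORE = "AndroidKeyStore";
    private static final String ALIAS = "db_wrap_key"; // assumed alias

    static SecretKey getOrCreateKey() throws Exception {
        KeyStore ks = KeyStore.getInstance(STORE);
        ks.load(null);
        if (ks.containsAlias(ALIAS)) return (SecretKey) ks.getKey(ALIAS, null);
        KeyGenerator kg = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, STORE);
        kg.init(new KeyGenParameterSpec.Builder(ALIAS,
                KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
                .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
                .setKeySize(256)
                .setUserAuthenticationRequired(true)       // key is unusable without auth
                .setInvalidatedByBiometricEnrollment(true) // new fingerprint kills the key
                .build());
        return kg.generateKey();
    }

    /** Returns a CryptoObject to pass to BiometricPrompt.authenticate(), or null if
     *  the key was invalidated (the wrapped DB key is then unrecoverable). */
    static BiometricPrompt.CryptoObject forUnwrap(byte[] iv) throws Exception {
        try {
            Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
            c.init(Cipher.DECRYPT_MODE, getOrCreateKey(), new GCMParameterSpec(128, iv));
            return new BiometricPrompt.CryptoObject(c);
        } catch (KeyPermanentlyInvalidatedException e) {
            KeyStore ks = KeyStore.getInstance(STORE);
            ks.load(null);
            ks.deleteEntry(ALIAS); // caller must fall back to a restore or reset flow
            return null;
        }
    }

    /** Call from onAuthenticationSucceeded(); doFinal() only works after the prompt. */
    static byte[] unwrap(BiometricPrompt.AuthenticationResult r, byte[] wrapped) throws Exception {
        return r.getCryptoObject().getCipher().doFinal(wrapped);
    }
}
```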
Here is my opinion. Personally I am very against abusing the Biometric prompt in apps, and I rather prefer to rely on proper device security, or do like some popular high-security apps do (Google Pay). Once you have set up a proper lock screen security, authenticating yet again to apps is a hassle. In order to open Catima, you must unlock your screen first, perhaps with fingerprints. I personally don't like the behaviour of (almost all) banking apps that require you to re-authenticate after unlocking the screen a few seconds ago. And this is different from authorizing a transaction, where the authentication (even biometric) is also a very important UX pause element, where the user is implicitly required to review information by confirming PIN or fingerprint. In the case of Catima, one should really balance the value of privacy over usability. What does Google Pay do? In the first 3 minutes after you unlocked your device with a proper PIN/fingerprints, payments are authorized. After 3 minutes of screen active, another prompt will ask you to confirm the transaction. I also suspect (never tried) that Google Pay won't easily authorize multiple payments in a row.
Of course, it will be very easy to implement an optional authentication prompt. It won't encrypt the database. There is no need. Modern Android devices are encrypted by default. Android's file sharing model does not allow other apps to mess with the database. ADB can extract unencrypted backups. Users who back up their phone on Google Drive with a modern Android device encrypt their backups into the cloud with the lockscreen key. Catima could have an option "Authenticate at every start". See also #146 for cards opened through the power screen, in case
Given #62 is implementing both PIN and fingerprint as optional I'm just closing this in favour of that.
Hi. Great app! Is it possible to add extra privacy by locking the app database with a fingerprint? Thank you!