Fingerprint biometrics
This article explains how to add fingerprint biometrics to your Universal Windows Platform (UWP) app. Including a request for fingerprint authentication when the user must consent to a particular action increases the security of your app. For example, you could require fingerprint authentication before authorizing an in-app purchase, or access to restricted resources. Fingerprint authentication is managed using the UserConsentVerifier class in the Windows.Security.Credentials.UI namespace.
Check the device for a fingerprint reader
To find out whether the device has a fingerprint reader, call UserConsentVerifier.CheckAvailabilityAsync. Even if a device supports fingerprint authentication, your app should still provide users with an option in Settings to enable or disable it.
public async System.Threading.Tasks.Task<string> CheckFingerprintAvailability()
{
string returnMessage = "";
try
{
// Check the availability of fingerprint authentication.
var ucvAvailability = await Windows.Security.Credentials.UI.UserConsentVerifier.CheckAvailabilityAsync();
switch (ucvAvailability)
{
case Windows.Security.Credentials.UI.UserConsentVerifierAvailability.Available:
returnMessage = "Fingerprint verification is available.";
break;
case Windows.Security.Credentials.UI.UserConsentVerifierAvailability.DeviceBusy:
returnMessage = "Biometric device is busy.";
break;
case Windows.Security.Credentials.UI.UserConsentVerifierAvailability.DeviceNotPresent:
returnMessage = "No biometric device found.";
break;
case Windows.Security.Credentials.UI.UserConsentVerifierAvailability.DisabledByPolicy:
returnMessage = "Biometric verification is disabled by policy.";
break;
case Windows.Security.Credentials.UI.UserConsentVerifierAvailability.NotConfiguredForUser:
returnMessage = "The user has no fingerprints registered. Please add a fingerprint to the " +
"fingerprint database and try again.";
break;
default:
returnMessage = "Fingerprints verification is currently unavailable.";
break;
}
}
catch (Exception ex)
{
returnMessage = "Fingerprint authentication availability check failed: " + ex.ToString();
}
return returnMessage;
}
Request consent and return results
To request user consent from a fingerprint scan, call the UserConsentVerifier.RequestVerificationAsync method. For fingerprint authentication to work, the user must have previously added a fingerprint "signature" to the fingerprint database.
When you call the UserConsentVerifier.RequestVerificationAsync, the user is presented with a modal dialog requesting a fingerprint scan. You can supply a message to the UserConsentVerifier.RequestVerificationAsync method that will be displayed to the user as part of the modal dialog, as shown in the following image.
private async System.Threading.Tasks.Task<string> RequestConsent(string userMessage)
{
string returnMessage;
if (String.IsNullOrEmpty(userMessage))
{
userMessage = "Please provide fingerprint verification.";
}
try
{
// Request the logged on user's consent via fingerprint swipe.
var consentResult = await Windows.Security.Credentials.UI.UserConsentVerifier.RequestVerificationAsync(userMessage);
switch (consentResult)
{
case Windows.Security.Credentials.UI.UserConsentVerificationResult.Verified:
returnMessage = "Fingerprint verified.";
break;
case Windows.Security.Credentials.UI.UserConsentVerificationResult.DeviceBusy:
returnMessage = "Biometric device is busy.";
break;
case Windows.Security.Credentials.UI.UserConsentVerificationResult.DeviceNotPresent:
returnMessage = "No biometric device found.";
break;
case Windows.Security.Credentials.UI.UserConsentVerificationResult.DisabledByPolicy:
returnMessage = "Biometric verification is disabled by policy.";
break;
case Windows.Security.Credentials.UI.UserConsentVerificationResult.NotConfiguredForUser:
returnMessage = "The user has no fingerprints registered. Please add a fingerprint to the " +
"fingerprint database and try again.";
break;
case Windows.Security.Credentials.UI.UserConsentVerificationResult.RetriesExhausted:
returnMessage = "There have been too many failed attempts. Fingerprint authentication canceled.";
break;
case Windows.Security.Credentials.UI.UserConsentVerificationResult.Canceled:
returnMessage = "Fingerprint authentication canceled.";
break;
default:
returnMessage = "Fingerprint authentication is currently unavailable.";
break;
}
}
catch (Exception ex)
{
returnMessage = "Fingerprint authentication failed: " + ex.ToString();
}
return returnMessage;
}
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for