Question about Google fido 2.0 webauthn libs.

78 views
Skip to first unread message

Bob Xin

unread,
Aug 16, 2021, 6:13:47 AMAug 16
to FIDO Dev (fido-dev)
Question about Google fido 2.0 webauthn libs. 
com.google.android.gms:play-services-fido:18.1.0

We want to know what kind of authentication method is used for user authentication. 
For example, on Google Pixel device user can use two ways; fingerprint or pin code. 

We checked Google Play Service API documents, about UVM extension found in Google play-service-fido library, but I don't know how to use it. Not sure if it is used correctly.

When register process enabled UVM extension, reference with W3C WebAuthn official documents.
gms-fido2.png

Will get the results from here ?? I'm not sure about it. UvmEntries entities are always null.
fido-uvm.png


How do we know which authentication method users used with Google GMS fido 2.0 lib ??

John Bradley

unread,
Aug 16, 2021, 10:43:32 AMAug 16
to Bob Xin, FIDO Dev (fido-dev)
Someone from the Android team may be best to answer this.

From my recollection, that UVM was added to Android a while ago due to customer requests.  

The problem is that the underlying API the authenticator is using was updated and the authenticator no longer knows if it was a pin, fingerprint or other biometric that unlocked the key material. 

I think that is why on a current version of Android you are not getting that information back.  

Google has never been a proponent of UVM to my knowledge. I personally would not count on using it going forward.

Regards
John B.  
--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/72a7b201-4c9e-44c3-ad12-222b1070092bn%40fidoalliance.org.

Arshad Noor

unread,
Aug 16, 2021, 12:23:00 PMAug 16
to fido...@fidoalliance.org, maobo...@gmail.com

You could try the StrongKey Android Client Library (SACL) available here and here, that supports FIDO2 and UVM. There is a sample demonstration app that shows how the SACL works.

The only consideration is that the SACL is designed to work with the open-source, FIDO Certified FIDO2 server (available in the same repos mentioned above). But, like all open-source, both can be modified within the constraints of the license to do what is needed if you're willing to make the effort.

Hope that helps.

Arshad Noor
StrongKey

Reply all
Reply to author
Forward
0 new messages