[FIDO-DEV] Does Google APIs for Android support FIDO/FIDO2 UAF?

Mingming Yin

unread,

Apr 1, 2019, 3:04:40 PM4/1/19

to FIDO Dev (fido-dev)

Hello,

Looks like Google API's for Android has added support for FIDO/FIDO2. I can see U2F related API's there. However, I dont see any UAF related API's

Is UAF support available in Google API's for Android.

If only U2F support is there on Android devices, a hardware token is required. Is there a way to use FIDO on Android devices without a token?

API: https://developers.google.com/android/reference/com/google/android/gms/fido/Fido

referance code: https://github.com/googlesamples/android-fido

Thanks

Mingming

Mingming Yin

unread,

Apr 1, 2019, 3:15:56 PM4/1/19

to FIDO Dev (fido-dev)

Arshad Noor

unread,

Apr 2, 2019, 1:12:33 PM4/2/19

to Mingming Yin, FIDO Dev (fido-dev)

Google does not support UAF; they support only U2F and FIDO2. This has not stopped companies from creating their own APIs to support UAF on Android, though.

Yes, you can use U2F or FIDO2 on Android phones without an external Authenticator by using the AndroidKeystore, combined with their Fingerprint API. You can also use other biometric capabilities if you choose to, or a PIN/Pattern-based local-authentication scheme to unlock the Private Key within AndroidKeystore. To see an example, here is some sample code that works with the U2F server at this site: https://sourceforge.net/projects/skce/files/v2-Build124/

Arshad Noor
StrongKey

Reply all

Reply to author

Forward