Discussion:
[android-security-discuss] Android M FingerPrint
m***@backelite.com
2015-10-22 12:27:45 UTC
Permalink
Hello,
I work in a project (for Android M) used Fingerprint authentication.
I do not find any official document that indicates if google guarantee
that :
- the FingerPrint is saved in secure zone (matériel secure like Apple)
- google not track the fingerPrints

have you any idea or link ?

Thank you
--
You received this message because you are subscribed to the Google Groups "Android Security Discussions" group.
To unsubscribe from this group and stop receiving emails from it, send an email to android-security-discuss+***@googlegroups.com.
Visit this group at http://groups.google.com/group/android-security-discuss.
For more options, visit https://groups.google.com/d/optout.
'Alex Klyubin' via Android Security Discussions
2015-10-30 15:54:09 UTC
Permalink
See the Android 6.0 CDD, section 7.3.10. Fingerprint Sensor. CDD outlines
the requirements that must be met in order for a product to be compatible
with Android (i.e., to be called "Android").

https://static.googleusercontent.com/media/source.android.com/en//compatibility/android-cdd.pdf

Alex
Post by m***@backelite.com
Hello,
I work in a project (for Android M) used Fingerprint authentication.
I do not find any official document that indicates if google guarantee
- the FingerPrint is saved in secure zone (matériel secure like Apple)
- google not track the fingerPrints
have you any idea or link ?
Thank you
--
You received this message because you are subscribed to the Google Groups
"Android Security Discussions" group.
To unsubscribe from this group and stop receiving emails from it, send an
Visit this group at
http://groups.google.com/group/android-security-discuss.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Android Security Discussions" group.
To unsubscribe from this group and stop receiving emails from it, send an email to android-security-discuss+***@googlegroups.com.
Visit this group at http://groups.google.com/group/android-security-discuss.
For more options, visit https://groups.google.com/d/optout.
galapogos
2017-03-07 03:24:50 UTC
Permalink
According
to https://source.android.com/security/authentication/fingerprint-hal.html :

1. Raw fingerprint data or derivatives (e.g. templates) must never be
accessible from outside the sensor driver or Trusted Execution Environment
(TEE). Hardware access must be limited to the TEE, if the hardware supports
it, and must be protected by an SELinux policy. That is, the Serial
Peripheral Interface (SPI) channel must be accessible only to the TEE, and
there must be an explicit SELinux policy on all device files.

TEE in this case refers to ARM TrustZone, similar to Apple's Secure Enclave.
Post by m***@backelite.com
Hello,
I work in a project (for Android M) used Fingerprint authentication.
I do not find any official document that indicates if google guarantee
- the FingerPrint is saved in secure zone (matériel secure like Apple)
- google not track the fingerPrints
have you any idea or link ?
Thank you
--
You received this message because you are subscribed to the Google Groups "Android Security Discussions" group.
To unsubscribe from this group and stop receiving emails from it, send an email to android-security-discuss+***@googlegroups.com.
Visit this group at https://groups.google.com/group/android-security-discuss.
For more options, visit https://groups.google.com/d/optout.
Loading...