hello, Benny!'

how can I help you today?

Hi Mark, i would have a question about a own calling/dailer app

I can try to help, but I do not have a lot of experience in that area

I have an app which replaces the calling app from android, can I switch back to the original one without the user exception dialog?

I have no idea, sorry

ok, no problem :)

but maybe you can help me with another problem I have

it is about the lock state for the device

it is for a payment app

i want to get sure that the user unlocked his device with his credentials each time he pays with the app

on Android 5.0 through 9.0, you can use createConfirmDeviceCredentialIntent() on KeyguardManager: https://developer.android.com/reference/android...

ok, i will check this, thank you

I cover that method in *The Busy Coder's Guide to Android Development* in the chapter on device authentication

see https://github.com/commonsguy/cw-omnibus/tree/v... for a sample use of it

basically, just call that method, pass the Intent to startActivityForResult(), and if you get RESULT_OK in onActivityResult(), the user has authenticated

however, that method is deprecated in Android Q, though it will probably still work

I need to figure out the details of how Android Q wants us to use BiometricPrompt as an alternative

oh, this is great, i did not look that deep in the book for now, but was I see is really usefull, thank you for this eBook btw :)

you're welcome!

do you know if is possible to get if the user authenticates via PIN or Fingerprint, so something else?

I don't think so

using DevicePolicyManager, you may be able to determine what sort of passphrase the user has set up (PIN, alphanumeric, etc.)

ok, but only what is available, right?

correct

this is what I also found at my research

if the user has enrolled a fingerprint or other biometrics, and the user elects to use that to authenticate, Android considers that to be good enough

and from its API standpoint, one form of system-level authentication is as good as the next

what I also found is the method isDeviceSecure() have you use that before?

yes, I cover it in the same chapter and in that same sample app

I am a litte bit scared that on some cheap device it will return true also if there is no pin (or something) set, do you have any bad experiences with that?

I have not seen that behavior, though I have not tested it on a wide variety of devices

okay, it is just a feeling :)

do you ever had problems with some cheap phones that they return wrong values in standard methods? Or is it really core android and not prepared by the manufactor

while device manufacturers do change Android, they tend not to change very much

Google also enforces compatibility for devices that will ship with the Play Store and other Google proprietary apps

so while there are issues like what you describe, for any given API, they are uncommon

and it is not limited to cheap phones, as Samsung is probably the worst at making changes that break things

okay, this sounds good :)

yes, we had some bug with the note 9 I fingerprint I think :)

particularly for a payment app, rather than worrying up front about possible problems, make sure that you have the data to detect problems if they occur

for example, if some unpopular phone seems unusually popular with your service... buy one of those phones and see if anything is odd

yes, this is a good idea

I would have one last question but it is not directly about android :-)

OK

how do you get that deep into android dev?

well, I have been working with Android for 11 years

so I have seen it go from pre-Android 1.0 all the way up to the Android Q developer preview

wow, this is very cool

would you have some tipps to get better?

well, you are already reading books, which is a good thing :-)

ok :-)

beyond that, watch conference presentation videos, read blog posts, and don't be afraid to try experiments in scrap projects to test out new ideas

ok, sounds good :-) Thank you very much for you time today

you're welcome!

I will join the office hours again if I have some questions, see you soon, good bye

BTW, the transcript for this chat will be posted on https://commonsware.com/office-hours/ shortly after the chat ends

oh, cool, will be good to have the links again, see you soon, good bye