I am not a fan of a pascode for the fingerprint backup, is there a way to use a pin instead.
ALSO, I want to get VPN to work with the fingerprint, it requires a lot more secure password I guess to get VPN to work?
eatonjb said:
I am not a fan of a pascode for the fingerprint backup, is there a way to use a pin instead.
ALSO, I want to get VPN to work with the fingerprint, it requires a lot more secure password I guess to get VPN to work?
Click to expand...
Click to collapse
I also hate the passcode, I wish I can use the pattern for an alternative
I know that the fingerint scanner can be ued to unlock the phone and for paypal, web sign in and samsung verification but can I do anything else with it? It would be cool to lock specific apps. Are there any 3rd party apps that utilize the fingerprint scanner?
Ya, lastpass can be used to login to websites/applications automatically using your fingerprint. Really sweet not having to manually type in logins and passwords anymore!
And fingersecurity allows you to set up specific apps that require a fingerprint to get into them. It even has a in app purchase where you can set it not require the fingerprint while connected to specific trusted wifi networks and bluetooth devices. And even to set to only open when you use a specific finger, so not all fingers can open it if you don't want it to.
These are 2 that I have come to not be able to live without. I hope you like them as much as I do.
dfullerman said:
Ya, lastpass can be used to login to websites/applications automatically using your fingerprint. Really sweet not having to manually type in logins and passwords anymore!
And fingersecurity allows you to set up specific apps that require a fingerprint to get into them. It even has a in app purchase where you can set it not require the fingerprint while connected to specific trusted wifi networks and bluetooth devices. And even to set to only open when you use a specific finger, so not all fingers can open it if you don't want it to.
These are 2 that I have come to not be able to live without. I hope you like them as much as I do.
Click to expand...
Click to collapse
Dude fingersecurity is exactly was I was looking for. Thanks a lot! Do you know if there is an app to launch apps with your fingerprint?
Na, haven't heard or seen anything like that...don't exactly know how that would work exactly but maybe someone will figure it out.
Pretty basic questions whether i need an app that does this or a workaround i just want to use my biometrics without a dam screenlock? Such as samsung pay, samsung pass, my bank apps and others. Dam google phone arent adding feature like before they are going back in time.
Except without root.
saulc1981 said:
Pretty basic questions whether i need an app that does this or a workaround i just want to use my biometrics without a dam screenlock? Such as samsung pay, samsung pass, my bank apps and others. Dam google phone arent adding feature like before they are going back in time.
Click to expand...
Click to collapse
Actually you can without root. Set your biometrics normally with a password or a pin then go back to lock screen options and change it to swipe or no lock. And from there you will get a warning and it will have 2 options. One is remove data and the other is keep it. If you keep it it will work with the other apps. I have PayPal installed and I did the same thing also Samsung Pay.
And I'm not rooted using stock
Stevieboy02008 said:
Actually you can without root. Set your biometrics normally with a password or a pin then go back to lock screen options and change it to swipe or no lock. And from there you will get a warning and it will have 2 options. One is remove data and the other is keep it. If you keep it it will work with the other apps. I have PayPal installed and I did the same thing also Samsung Pay.
And I'm not rooted using stock
Click to expand...
Click to collapse
No dice. I know that already. My fault i did say basic. Thats the problem. When i put keep data like ice done for a long time but now i get this message and i cant use the fingerprint or iris with any app.
saulc1981 said:
No dice. I know that already. My fault i did say basic. Thats the problem. When i put keep data like ice done for a long time but now i get this message and i cant use the fingerprint or iris with any app.
Click to expand...
Click to collapse
Well then you might need root access. I don't have root access but it works for me just fine so im not sure.
use a secure settings app to set automatic lock delay to something ridiculously high like 540000(several days)
and turn off "lock instantly with power key".
normally you're limited to 30 minutes by the settings app, but if you use a secure settings app you can manually change it to something much higher.
using this setup you no longer need a pin coming from standby(lockscreen is skipped completely) unless you don't touch your phone for several days.
you'll still need a pin when turning on your phone or accessing lockscreen settings, but that's not something you'll do multiple times a day.
this does require ADB(to grant the hidden "secure settings" permission to the secure settings app once) but doesn't require root.
You can't do it anymore. AFAIK, Samsung changed this with the Jan or Feb patch. There's an article on sammobile that highlighted the change.
Edit : Here's the article : https://www.sammobile.com/news/on-o...ed-and-stored-only-with-a-secure-screen-lock/
Sent from my ONEPLUS A5010 using Tapatalk
saulc1981 said:
Pretty basic questions whether i need an app that does this or a workaround i just want to use my biometrics without a dam screenlock? Such as samsung pay, samsung pass, my bank apps and others. Dam google phone arent adding feature like before they are going back in time.
Click to expand...
Click to collapse
I don't use any screenlock etc on my phone.
What i have done is place all my relevant apps eg banking, password manager etc in the Secure folder
(knox protected) If i want to use them i use fingerprint to unlock my secure folder.
Then i use fingerprint, to log into my banking app or use fingerprint for my password manager.
Further, I only install the relevant app (Google Play) that i want, inside secure folder. So no duplication of app.
saulc1981 said:
Pretty basic questions whether i need an app that does this or a workaround i just want to use my biometrics without a dam screenlock? Such as samsung pay, samsung pass, my bank apps and others. Dam google phone arent adding feature like before they are going back in time.
Click to expand...
Click to collapse
I found a small loophole if you have a bluetooth device. You can turn smart lock on and have it stay unlocked as long as its connected to that device be it headset, smartwatch, etc. You can also do it based on location.
Stevieboy02008 said:
Actually you can without root. Set your biometrics normally with a password or a pin then go back to lock screen options and change it to swipe or no lock. And from there you will get a warning and it will have 2 options. One is remove data and the other is keep it. If you keep it it will work with the other apps. I have PayPal installed and I did the same thing also Samsung Pay.
And I'm not rooted using stock
Click to expand...
Click to collapse
It will On SOME apps paypal abd lastpass for example but not others Chase bank for example. Also whos bright idea was it to remove app long press option functionality? No more app info, uninstall etc. Why do they do this s%it?
demize! said:
It will On SOME apps paypal abd lastpass for example but not others Chase bank for example. Also whos bright idea was it to remove app long press option functionality? No more app info, uninstall etc. Why do they do this s%it?
Click to expand...
Click to collapse
Lol. I know but actually some functions still work on the app long press
thedicemaster said:
use a secure settings app to set automatic lock delay to something ridiculously high like 540000(several days)
and turn off "lock instantly with power key".
normally you're limited to 30 minutes by the settings app, but if you use a secure settings app you can manually change it to something much higher.
using this setup you no longer need a pin coming from standby(lockscreen is skipped completely) unless you don't touch your phone for several days.
you'll still need a pin when turning on your phone or accessing lockscreen settings, but that's not something you'll do multiple times a day.
this does require ADB(to grant the hidden "secure settings" permission to the secure settings app once) but doesn't require root.
Click to expand...
Click to collapse
Hi @thedicemaster this sounds like a great solution. I have been trying, but can't get it to work. Can you tell me more on how to do this? Appreciate it!
EDIT: Nvm, I managed to do it
Delete me
It's been years already but I have a way to get it to work without root without installing any apps. I hope it helps some one.
You will need adb and usb debugging on. Open cmd / terminal and execute these 2 commands:
Code:
adb shell settings put secure lock_after_timeout_rollback 86400000
adb shell settings put secure lock_screen_lock_after_timeout 86400000
86400000 = 24 hours in miliseconds. You can change to a number that you find suitable.
This secure settings will survive after reboot so you only need to do once.
Installed Oreo on my N950N this morning, and just now I found out that if I want to use biometrics in some apps (homebanking app, fast log in in many sites, using iris/fingerprint for entering secret mode on Samsung Internet) I'm forced to set up a screen lock security (pattern/pin or password) if I just put the simple swipe, I won't be able to use biometrics anymore? Why? What's the point of this forcing?
DeltaHF said:
Installed Oreo on my N950N this morning, and just now I found out that if I want to use biometrics in some apps (homebanking app, fast log in in many sites, using iris/fingerprint for entering secret mode on Samsung Internet) I'm forced to set up a screen lock security (pattern/pin or password) if I just put the simple swipe, I won't be able to use biometrics anymore? Why? What's the point of this forcing?
Click to expand...
Click to collapse
Any work arounds? I'm having issues resolving this one myself
I think its a security update on Oreo, so since it "might" be embedded on the code it might not be possible to do a work around without root or any major components changed, don't quote me on it this is just my opnion
Make sure you put 1* reviews on your Banking apps or all apps that need updating to support face unlock, hopefully it will help speed up the development and support of face unlock on the pixel 4. I am really missing fingerprint unlock on my apps!
Demolition49 said:
Make sure you put 1* reviews on your Banking apps or all apps that need updating to support face unlock, hopefully it will help speed up the development and support of face unlock on the pixel 4. I am really missing fingerprint unlock on my apps!
Click to expand...
Click to collapse
Why? I just contacted my credit union asking for them to add support. Maybe larger national banks and stuff should have been aware and had support ready but smaller, more local institutions might just need to know that it's a thing on Android now.
Sent from my Pixel 4 XL using XDA Labs
In the Play Store, you can reach out to contact each app's development team via email. I've written to Chase, Bank of America, Mint, Credit Karma, and the other apps I use. Some developers are aware that they need to update, others aren't. Here are some of the responses I've received.
My original email (to each app):
Please update the Android app to support the biometric API so that I can use the secure face unlock on my Pixel 4! Thank you!
Click to expand...
Click to collapse
Bank of America:
Thank you for your feedback and we apologize for the inconvenience. We are working to update to the latest biometric authentication for the Pixel 4 and expect to have a supporting app shortly. For now, sign-in to the app using your online ID and password. Please look out for an app update soon.
Click to expand...
Click to collapse
Chase:
We'll be happy to review your request to update the
Android App.
Ivan, please note that the Chase Mobile App will work on
any Android smart phone or tablet running Android
operating system 5.0 (Lollipop) or higher. The minimum
operating system is 5.0 or higher. If your mobile phone
does not have the minimum requirement, the Chase Mobile
app will not be compatible.
We want our mobile app users to have the best experience
possible, so we regularly test chase.com using the most
current versions of operating systems. Since some mobile
app functionality may not work well on older operating
systems, we ask that you perform these updates. We
recommend you update your operating system and application
to the newest versions available. If your device isn't set
up to receive updates automatically, you can get the We
recommend you update your operating system and application
to the newest versions available.
We appreciate your business and thank you for choosing
Chase.
Click to expand...
Click to collapse
Credit Karma:
To determine if your Touch ID or Face ID function is turned on or off, go into your settings by clicking the icon in the top right corner of the app. The directions are the same whether you’re using Touch ID or Face ID.
If Touch or Face ID is turned on you will see a green circle with a white check mark.
If it’s turned off, simply click the empty circle and you’ll be prompted with a message stating the fingerprints or face registered on your phone can be used to access your Credit Karma account. Click “OK” to this prompt and you will be asked to enter your PIN to confirm this change.
Touch or Face ID is now turned on and you will be allowed to use this function to access the Credit Karma app moving forward.
Please note that if you log out of your account, the next time you open the app you’ll be prompted to enter your email address and password.
Thanks so much,
Click to expand...
Click to collapse
I've been sending further follow-ups to the ones who clearly don't understand what we are asking.
The more people who contact them, the more they'll understand that their apps are the problem by not using the current API.
I think Chase already stated that they were going to have an update before the end of the year. Hopefully sooner rather than later.
Robinhood works!
btonetbone said:
In the Play Store, you can reach out to contact each app's development team via email. I've written to Chase, Bank of America, Mint, Credit Karma, and the other apps I use. Some developers are aware that they need to update, others aren't. Here are some of the responses I've received.
My original email (to each app):
Bank of America:
Chase:
Credit Karma:
I've been sending further follow-ups to the ones who clearly don't understand what we are asking.
The more people who contact them, the more they'll understand that their apps are the problem by not using the current API.
Click to expand...
Click to collapse
Very nice work, I have left reviews and also contacted all my Banks via email. Hopefully it speeds up the process.
Throwing up a bunch of one-star reviews won't help, and all it serves to do is make the rater (you) look petty and childish. I'll send an email to my institutions, like a grownup, and go from there.
Getting in contact directly works best, via the play store will get you to the android app devs. I usually go through Twitter and you get a spokesperson who wouldn't know an apk from an adb and will give a stock response of soon™.
Remind them that the old biometric APIs are deprecated and that they should update to current versioning. Should anything happen they don't want to be the story of the bank that wasn't able to keep up.
Honestly I'm not missing it that much for my bank that much because I use LastPass which autofills it quickly. I do miss it for Outlook though because I have to do a pin.
Sent from my Pixel 4 XL using Tapatalk
So Far E-Trade has been updated to the Pixels face Unlock... I sent an email via the app store also to a credit union hoping they will update their app. I'm hoping within the next 2 weeks to a month that all major banks will update...
How secure if this anyway? I mean, my banking account has a password. I enter that password in my banking app to log into my account. In the future I will use my facial scan to log into my banking app.
Does that mean my banking account will have two password (1x password + 1x facial scan) oder will my password be stored somewhere in the app or on android and simply be passed on the my facial scan is verified?
Both do not sound very secure to me.
If you don't feel it's secure then just don't use the app.. simple. I trust that the banks know the risks and have mitigated them. After all they are the ones on the hook if there's fraud.
bobby janow said:
If you don't feel it's secure then just don't use the app.. simple. I trust that the banks know the risks and have mitigated them. After all they are the ones on the hook if there's fraud.
Click to expand...
Click to collapse
Not really the informative answer I was looking for.
I wouldn't blindly trust a bank app or any of the other countless apps that would use my facial scan.
What happens if your facial scan gets stolen / leaked. Everyone with that information will for ever be able to access your data. And you can't even change your access code like you would be able to with a password.
And it seems like you also have no idea where your facial scan is being saved, and how it is secured / locked down. Maybe it is just a plain file on your phone's storage? You don't seem to know.
Why no simply write down all your passwords in a .txt file and save it on your sdcard? That would alteast have the advantage that you could change your password at some point.
Utini said:
Not really the informative answer I was looking for.
I wouldn't blindly trust a bank app or any of the other countless apps that would use my facial scan.
What happens if your facial scan gets stolen / leaked. Everyone with that information will for ever be able to access your data. And you can't even change your access code like you would be able to with a password.
Click to expand...
Click to collapse
Isn't the face unlock for that device only? It's not like someone can install your bank app on their phone, somehow use your face unlock information, and spoof you on that device. Also there's still 2 step verification, at least with my bank, so the new app would still need to get the verification code. If anything, it's easier to do with your password because that's something that can be typed in and then somehow get the verification code text.
Sent from my Pixel 4 XL using Tapatalk
Utini said:
Not really the informative answer I was looking for.
I wouldn't blindly trust a bank app or any of the other countless apps that would use my facial scan.
What happens if your facial scan gets stolen / leaked. Everyone with that information will for ever be able to access your data. And you can't even change your access code like you would be able to with a password.
Click to expand...
Click to collapse
I'm not sure of the question you are asking. It seemed rhetorical to me basically commenting on how you don't think fingerprint, facial or password entry is secure on your app. I don't think any of it is stored in the cloud but nonetheless it's probably not as secure as walking into your bank and transacting with a teller. Even websites probably aren't as secure as you wish they were. So what exactly are you asking that you expect a reply to? You can perhaps check with your bank as to what your liability would be if your account got hacked.
EeZeEpEe said:
Isn't the face unlock for that device only? It's not like someone can install your bank app on their phone, somehow use your face unlock information, and spoof you on that device. Also there's still 2 step verification, at least with my bank, so the new app would still need to get the verification code. If anything, it's easier to do with your password because that's something that can be typed in and then somehow get the verification code text.
Sent from my Pixel 4 XL using Tapatalk
Click to expand...
Click to collapse
Oh is it? That makes it defeniately more secure. But then I would still like to know how it is ensured that my facial scan only works with my specific mobile device and not with any other mobile device.
Yep for banking there is still 2 step verficiation. Good point. But I was actually thinking more about e.g. KeePass.
bobby janow said:
I'm not sure of the question you are asking. It seemed rhetorical to me basically commenting on how you don't think fingerprint, facial or password entry is secure on your app. I don't think any of it is stored in the cloud but nonetheless it's probably not as secure as walking into your bank and transacting with a teller. Even websites probably aren't as secure as you wish they were. So what exactly are you asking that you expect a reply to? You can perhaps check with your bank as to what your liability would be if your account got hacked.
Click to expand...
Click to collapse
Maybe I didn't explain my question good enough. I will try again:
Currently I would unlock e.g. my KeePass Database with a password.
In the future I would use my facial scan for that.
I wonder at what point my facial scan will access my password of the KeePass Database, because it somehow has to know my password in order to unlock KeePass?
And in that case my password suddenly isn't saved only in my head anymore but also within android or another app (because Face Unlock has to somehow know it?).
Or will my KeePass database get a second "password" which is my facial scan data?
In that case I want to make sure that my facial scan is very secure and can't be stolen. Because if it turns up in smth like "haveibeenpwnd.com" everyone will forever be able to access all my files with my leaked facial scan which I cannot even change to something different anymore.
Utini said:
Maybe I didn't explain my question good enough. I will try again:
Currently I would unlock e.g. my KeePass Database with a password.
In the future I would use my facial scan for that.
I wonder at what point my facial scan will access my password of the KeePass Database, because it somehow has to know my password in order to unlock KeePass?
And in that case my password suddenly isn't saved only in my head anymore but also within android or another app (because Face Unlock has to somehow know it?).
Or will my KeePass database get a second "password" which is my facial scan data?
In that case I want to make sure that my facial scan is very secure and can't be stolen. Because if it turns up in smth like "haveibeenpwnd.com" everyone will forever be able to access all my files with my leaked facial scan which I cannot even change to something different anymore.
Click to expand...
Click to collapse
I used LastPass and I think it's not different then when I died the fingerprint option for it. There's a master password for the account and biometric login is, again, just for the individual device. And again, there's 2 step verification at least with LastPass, for whenever you set up.
Sent from my Pixel 4 XL using Tapatalk
EeZeEpEe said:
I used LastPass and I think it's not different then when I died the fingerprint option for it. There's a master password for the account and biometric login is, again, just for the individual device. And again, there's 2 step verification at least with LastPass, for whenever you set up.
Sent from my Pixel 4 XL using Tapatalk
Click to expand...
Click to collapse
Sounds interesting and secure. Now I am interested in how it is ensured that my fingerprint / facial scan will only work with my specific mobile device and that the stolen data from my device can't be used from another device
Utini said:
Oh is it? That makes it defeniately more secure. But then I would still like to know how it is ensured that my facial scan only works with my specific mobile device and not with any other mobile device.
Yep for banking there is still 2 step verficiation. Good point. But I was actually thinking more about e.g. KeePass.
Maybe I didn't explain my question good enough. I will try again:
Currently I would unlock e.g. my KeePass Database with a password.
In the future I would use my facial scan for that.
I wonder at what point my facial scan will access my password of the KeePass Database, because it somehow has to know my password in order to unlock KeePass?
And in that case my password suddenly isn't saved only in my head anymore but also within android or another app (because Face Unlock has to somehow know it?).
Or will my KeePass database get a second "password" which is my facial scan data?
In that case I want to make sure that my facial scan is very secure and can't be stolen. Because if it turns up in smth like "haveibeenpwnd.com" everyone will forever be able to access all my files with my leaked facial scan which I cannot even change to something different anymore.
Click to expand...
Click to collapse
Oh I see now. This really has more to do with your password manager than the bank. Unfortunately, I don't use a PM even though I suppose I should. Everyone says it's pretty secure. Since I don't really know what I'm talking about at this point I'll give it a shot anyway. lol
I don't think the facial scan or the fingerprint scan is saved anywhere other than your device. But I do use fingerprint (or did) scans on my banking app. If I change my password on the banking site my fingerprint scan will no longer work on the app. I would first have to change my password on the app and then reregister my fingerprint when the new password is entered. Can we compare it to the face scan at this point? I mean you can't change your fingerprints either right? Before I go on, am I reading your concerns correctly?
Utini said:
Sounds interesting and secure. Now I am interested in how it is ensured that my fingerprint / facial scan will only work with my specific mobile device and that the stolen data from my device can't be used from another device
Click to expand...
Click to collapse
https://support.google.com/pixelphone/answer/9517039?hl=en
Maybe this confirms it?View attachment 4860867
Sent from my Pixel 4 XL using Tapatalk