Empreinte digitale biométriqueFingerprint biometrics

Cet article explique comment ajouter des empreintes digitales biométriques à votre application de plateforme Windows universelle (UWP).This article explains how to add fingerprint biometrics to your Universal Windows Platform (UWP) app. L’inclusion d’une demande d’authentification par empreinte digitale (biométrique) lorsque l’utilisateur doit valider une action particulière renforce la sécurité de votre application.Including a request for fingerprint authentication when the user must consent to a particular action increases the security of your app. Par exemple, vous pouvez exiger une authentification par empreinte digitale avant d’autoriser un achat in-app ou avant l’accès à des ressources restreintes.For example, you could require fingerprint authentication before authorizing an in-app purchase, or access to restricted resources. L’authentification par empreinte digitale est gérée à l’aide de la classe UserConsentVerifier dans l’espace de noms Windows. Security. Credentials. UI .Fingerprint authentication is managed using the UserConsentVerifier class in the Windows.Security.Credentials.UI namespace.

Déterminer si l’appareil est doté d’un lecteur d’empreintes digitalesCheck the device for a fingerprint reader

Pour déterminer si l’appareil a un lecteur d’empreintes digitales, appelez UserConsentVerifier. CheckAvailabilityAsync.To find out whether the device has a fingerprint reader, call UserConsentVerifier.CheckAvailabilityAsync. Même si un appareil prend en charge l’authentification par empreinte digitale, votre application doit fournir aux utilisateurs une option dans Paramètres pour activer ou désactiver l’authentification des empreintes digitales.Even if a device supports fingerprint authentication, your app should still provide users with an option in Settings to enable or disable it.

public async System.Threading.Tasks.Task<string> CheckFingerprintAvailability()
{
    string returnMessage = "";

    try
    {
        // Check the availability of fingerprint authentication.
        var ucvAvailability = await Windows.Security.Credentials.UI.UserConsentVerifier.CheckAvailabilityAsync();

        switch (ucvAvailability)
        {
            case Windows.Security.Credentials.UI.UserConsentVerifierAvailability.Available:
                returnMessage = "Fingerprint verification is available.";
                break;
            case Windows.Security.Credentials.UI.UserConsentVerifierAvailability.DeviceBusy:
                returnMessage = "Biometric device is busy.";
                break;
            case Windows.Security.Credentials.UI.UserConsentVerifierAvailability.DeviceNotPresent:
                returnMessage = "No biometric device found.";
                break;
            case Windows.Security.Credentials.UI.UserConsentVerifierAvailability.DisabledByPolicy:
                returnMessage = "Biometric verification is disabled by policy.";
                break;
            case Windows.Security.Credentials.UI.UserConsentVerifierAvailability.NotConfiguredForUser:
                returnMessage = "The user has no fingerprints registered. Please add a fingerprint to the " +
                                "fingerprint database and try again.";
                break;
            default:
                returnMessage = "Fingerprints verification is currently unavailable.";
                break;
        }
    }
    catch (Exception ex)
    {
        returnMessage = "Fingerprint authentication availability check failed: " + ex.ToString();
    }

    return returnMessage;
}

Pour demander à l’utilisateur son consentement par le biais d’une analyse de son empreinte digitale, appelez la méthode UserConsentVerifier.RequestVerificationAsync.To request user consent from a fingerprint scan, call the UserConsentVerifier.RequestVerificationAsync method. Pour que l’authentification par empreinte digitale fonctionne, l’utilisateur doit avoir au préalable ajouté une « signature par empreinte digitale » à la base de données d’empreintes digitales.For fingerprint authentication to work, the user must have previously added a fingerprint "signature" to the fingerprint database.

Lorsque vous appelez la méthode UserConsentVerifier.RequestVerificationAsync, l’utilisateur se voit présenter une boîte de dialogue modale lui demandant une analyse de son empreinte digitale.When you call the UserConsentVerifier.RequestVerificationAsync, the user is presented with a modal dialog requesting a fingerprint scan. Vous pouvez inclure un message dans la méthode UserConsentVerifier.RequestVerificationAsync qui est présenté à l’utilisateur dans la boîte de dialogue modale, comme vous pouvez le voir sur l’image suivante.You can supply a message to the UserConsentVerifier.RequestVerificationAsync method that will be displayed to the user as part of the modal dialog, as shown in the following image.

private async System.Threading.Tasks.Task<string> RequestConsent(string userMessage)
{
    string returnMessage;

    if (String.IsNullOrEmpty(userMessage))
    {
        userMessage = "Please provide fingerprint verification.";
    }

    try
    {
        // Request the logged on user's consent via fingerprint swipe.
        var consentResult = await Windows.Security.Credentials.UI.UserConsentVerifier.RequestVerificationAsync(userMessage);

        switch (consentResult)
        {
            case Windows.Security.Credentials.UI.UserConsentVerificationResult.Verified:
                returnMessage = "Fingerprint verified.";
                break;
            case Windows.Security.Credentials.UI.UserConsentVerificationResult.DeviceBusy:
                returnMessage = "Biometric device is busy.";
                break;
            case Windows.Security.Credentials.UI.UserConsentVerificationResult.DeviceNotPresent:
                returnMessage = "No biometric device found.";
                break;
            case Windows.Security.Credentials.UI.UserConsentVerificationResult.DisabledByPolicy:
                returnMessage = "Biometric verification is disabled by policy.";
                break;
            case Windows.Security.Credentials.UI.UserConsentVerificationResult.NotConfiguredForUser:
                returnMessage = "The user has no fingerprints registered. Please add a fingerprint to the " +
                                "fingerprint database and try again.";
                break;
            case Windows.Security.Credentials.UI.UserConsentVerificationResult.RetriesExhausted:
                returnMessage = "There have been too many failed attempts. Fingerprint authentication canceled.";
                break;
            case Windows.Security.Credentials.UI.UserConsentVerificationResult.Canceled:
                returnMessage = "Fingerprint authentication canceled.";
                break;
            default:
                returnMessage = "Fingerprint authentication is currently unavailable.";
                break;
        }
    }
    catch (Exception ex)
    {
        returnMessage = "Fingerprint authentication failed: " + ex.ToString();
    }

    return returnMessage;
}