Skip to main content

Android SDK

Follow the version release notes on this page for an overview of what is new in all of our supported SDK versions for Android.

SDK 3.21

News for release: SDK 3.21

  • Added new risk parameters SSID, BSSID, Barometer, Gravity, Magnetometer, IsDeveloperMode, IsOverlayDetected, IsProxyEnabled, IsVpnEnabled, Locale.
    Set SSID/BSSID permissions

    If you enable the SSID and/or BSSID risk parameters, then you need to set up the necessary permissions in your AndroidManifest.xml file.

    To learn how to do this, see Wi-Fi information (SSID and BSSID) in our Risk parameters feature documentation.

  • For Recovery, renamed enum entry RecoveryMethod.CLOUD_BACKUP to RecoveryMethod.CLOUD_BACKUP_RECOVERY_CODE.
    Breaking change

    This is a breaking change. Replace any occurrences of RecoveryMethod.CLOUD_BACKUP with RecoveryMethod.CLOUD_BACKUP_RECOVERY_CODE in your code.

  • To align with iOS, Android now returns error code clientErrorAuthMethodUnavailable instead of clientErrorAuthMethodNotAllowed in cases where biometrics are not enrolled on the device.
    Note

    clientErrorAuthMethodNotAllowed is still returned in cases where an authentication method is being used but is not yet activated, or if not enabled in the server configuration.

  • Added error code clientErrorClientDataInvalid, which indicates that the provided client data in the start authentication operation is invalid for one of the following reasons:
    • It exceeds the maximum size of 1024 bytes (UTF-8 encoded).
    • It contains one or more 4-byte UTF-8 characters (this includes most emojis, such as 👍).
  • For error handling, added the exception class to each entry in the ErrorCode, so that the developer can look up the exception class for each error code.
  • Removed SDK error code serverErrorAuthenticationRequired.

SDK 3.20

News for release: SDK 3.20

  • Updated minimum Android version to Android 9 (API 28).
  • Encap Android API rewritten from Java to Kotlin 2.0, backwards compatible with API 3.19.
    • This rewrite adds a new dependency to kotlin-stdlib version 2.0.
  • Added support for recovery using face scan, in addition to keeping recovery code.
    • Added classes:
      • RecoveryParameter
      • RecoveryCodeRecoveryParameter
      • ServerSideFaceRecoveryParameter
    • Added enum entry RecoveryMethod.CLOUD_BACKUP_SERVER_SIDE_FACE.
    • Added Controller methods accepting accepting RecoveryParameter:
      • fun finishAddOrUpdateRecovery(recoveryParameter: RecoveryParameter, appCallback: AsyncCallback<FinishAddOrUpdateRecoveryResult>)
      • fun finishRecovery(recoveryParameter: RecoveryParameter, activationParameter: ActivationParameter, appCallback: AsyncCallback<FinishRecoveryResult>)
      • fun finishDeleteRecovery(recoveryParameter: RecoveryParameter, appCallback: AsyncCallback<FinishDeleteRecoveryResult>)
    • Deprecated class EncapRecoveryParameter and Controller methods accepting it.
  • Removed deprecated Controller methods:
    • void startAddOrUpdate(String clientData, AsyncCallback<StartAddOrUpdateResult> callback);
  • Removed SDK error code serverErrorAlreadyAuthenticated.
  • Removed SDK error code clientErrorGoogleServicesOutdated and GooglePlayServicesOutdatedException.

SDK 3.19

News for release: SDK 3.19

  • Updated minimum Android version to Android 8 (API 26).
  • The authentication method AuthMethod.DEVICE_ANDROID_FINGERPRINT is removed completely. Use AuthMethod.DEVICE_ANDROID_BIOMETRIC_PROMPT instead. Users that are already using Fingerprint can migrate from Pin to Biometric using addOrUpdate. To migrate from Fingerprint to Biometric an earlier version of the SDK needs to be used.
  • Added new authentication method AuthMethod.DEVICE_SERVER_SIDE_FACE.
    What is the use case?

    The current primary use case is to change the PIN when the end-user has forgotten it and has no valid biometrics.

  • Added new Controller methods:
    • void startAddOrUpdate(@NonNull StartAddOrUpdateParameter startParameter, @NonNull AsyncCallback<StartAddOrUpdateResult> callback);
    Note
    • For use with server-side face only, use start calls with StartAddOrUpdateParameter(AuthMethod.DEVICE_SERVER_SIDE_FACE).
    • For use with clientData, use start calls with StartAddOrUpdateParameter(String clientData).
  • Deprecated Controller methods:
    • void startAddOrUpdate(String clientData, AsyncCallback<StartAddOrUpdateResult> callback);
    Note

    The String clientData argument to the above method is made obsolete by the new method accepting StartAddOrUpdateParameter(String clientData) .

  • If biometrics or fingerprint are not enrolled or enabled on the device, then return BiometricAuthenticationException with clientErrorAndroidBiometricPromptErrorNoBiometrics. This is instead of UnexpectedException with clientErrorUnexpected.
  • Added @NonNull and @Nullable to all Controller methods, to ease interfacing with Kotlin.
  • PROCESSING_DEACTIVATION is now a blocking state. If a new operation is started before deactivation is finished, then a clientErrorOperationInProgress error is returned.

SDK 3.18

News for release: SDK 3.18

  • Documentation improvements:
    • Restructured to improve usability.
    • Multiple sections have been rewritten.
    • Added new examples which are easier to copy and paste.
  • Deprecated the fingerprint authentication method. This means that it will be removed in a future release.
  • Added the annotation @NonNull to both the OnSuccess and OnFailure functions of AsyncCallback.
  • Unified the operation context methods. This means that the following functions on result classes FinishActivationResult and FinishAuthenticationResult are renamed:
    Note

    This matches the method names for StartAuthenticationResult and on iOS.

    The old methods are deprecated. They will be removed in the next release.

SDK 3.17

News for release: SDK 3.17

  • Updated minimum Android version to Android 7.
  • Safety Net attestation is replaced with Play Integrity. You can learn more in our feature documentation.
  • The two activation and authentication parameters for Biometric Prompt now expose setConfirmationRequired().
  • Removed Intermediate push feature. You must use Play Integrity for app attestation instead. You can learn more in our feature documentation.
  • Removed deprecated API methods:

SDK 3.16

News for release: SDK 3.16

  • Added new feature Client debug data. You can learn more in our feature documentation.
  • Added new EncapConfig setting setAllowDebugData.
    • This is set to true by default.
    • This can be set to false to reserve a device from sending debug data, even if it is turned on in your Application configuration.
  • Deactivating a non-activated registration on the client no longer results in an error.
  • Removed documentation about fingerprint.
    • For all new implementations, we recommend using Biometric Prompt.
    • If fingerprint is needed on Android versions 6-8, we recommend using Biometric Prompt with AndroidX library.
    • The removed fingerprint documentation can still be accessed in an older version of this document if needed.
  • Removed documentation about How to build with Maven.
    • The removed documentation about integration with Maven can still be accessed in an older version of this document if needed.
  • SafetyNet attestation will be replaced with Play Integrity in version 3.17.
  • Deprecated API methods:

SDK 3.15

News for release: SDK 3.15

  • Replaced error clientErrorKeyPermanentlyInvalidated with code 180, with error clientErrorAuthDataInvalidated with code 132. This is to match the iOS implementation.
  • Added support for cancelling an ongoing Biometric authentication for AndroidX BiometricPrompt.
    • The app can cancel an ongoing Biometric authentication by supplying a CancellationSignal to the DeviceAndroidBiometricPromptAuthParameter, and calling the cancel() method.
    • For AndroidX BiometricPrompt, this is implemented so that the Encap API sets up a listener on the CancellationSignal that will call the cancelAuthentication() method of the AndroidX BiometricPrompt.
  • Deprecated Intermediate Push attestation. This will be removed in a future release.

SDK 3.14

News for release: SDK 3.14

  • Added new feature for Geofencing. In this feature, the SDK performs a lookup of the device location to an external Geocoder service and sends the country code to the server. You can learn more in our feature documentation.
  • Changed name of AuthenticateAndActivate to AddOrUpdate.
    • On iOS, this function has always been called AddOrUpdate. Android is now changing to make the two controller interfaces look more similar.
  • Removed Signing feature. is removed. This means that these functions do not exist any more and you need to remove the use of it in your app:
    • EncapConfig.Builder: setSigningEnabled(), setSigningKeySize()
    • EncapController: startAuthenticationOrSigning(), startSigning(), FinishSigning()
    • EncapController.State: isSigningState()
    • PushMessage: isSigningMessage()
    • SigningFailedException, StartSigningResult, FinishSigningResult
  • Added new error code serverErrorInvalidSession. This means that if a new session is started on the server after the client has done startAuthenticate, then you will get this error during finishAuthenticate, and you need to do startAuthenticate again.
  • Removed error codes:
    • serverErrorIncorrectSignature
    • serverErrorInvalidSignature
On this page