Understanding Fingerprint Authentication

(Android, iOS) Beginning in SP14, kapsel applications and SAP Fiori Client support fingerprint authentication. Fingerprint authentication can be used to unlock the datavault instead of the passcode.

Fingerprint authentication is built into the SAP Fiori Client by default. It is not necessary to enable it in the Custom SAP Fiori Client, however, if you have enabled Multiple User Support then fingerprint authentication can not be used.

Requirements

When developing your application keep in mind that fingerprint authentication requires the following device conditions.

The user must enable fingerprint authentication in SAP Fiori Client by selecting the set passcode screen, for more information see SAP Fiori Client User Guide
The user's fingerprint must be configured and saved in the device's operation system settings.
For iOS, fingerprint authentication is available on devices that have touch id capability, and are running iOS 9 or higher.
For Android, fingerprint authentication is available on devices that have fingerprint authentication capability and are running Android 6.0 or higher.
Note If a user enables fingerprint authorization for an Android kapsel application or a Custom SAP Fiori Client for Android, and then decides to authorize additional fingerprints through the device’s security settings, fingerprint authorization will be disabled for the application . The user will be required to enter the previously-specified passcode the next time the application is launched. At that time, the user can re-enable fingerprint authorization at which point any authorized fingerprint will be able to unlock the application unless additional fingerprints are added.

Passcode Policy

To support Fingerprint Authentication in SAP Fiori Client, allowFingerprint has been added to the passcode policy. By default, the allowFingerprint policy is enabled on the device side. For more information on at Passcode Policy, see Application Passcode.