Biometric Authentication

Mini Programs provide the following biometric authentication modes via SOTER.

Currently, only fingerprint authentication is supported. To query the biometric authentication modes available on a device, call wx.checkIsSupportSoterAuthentication.

Calling Process

Process description

  1. Call wx.startSoterAuthentication to obtain resultJSON and resultJSONSignature.

  2. (Optional) Verify the signature. resultJSONSignature is verified using SHA256withRSA/PSS as the signature algorithm. Verification is defined as follows: bool result = verify(original string that was signed, signature string, public key used to verify the signature)

  3. Weixin provides a backend API as a trusted key signature verification service. Weixin ensures the correctness and reliability of the signature verification results returned by the API, and these characteristics also hold on rooted Android devices (the API returns whether security can be guaranteed in the root case).

API address:

POST http://api.weixin.qq.com/cgi-bin/soter/verify_signature?access_token=%access_token

POST data contents (JSON encoded):

{"openid":"$openid", "json_string" : "$resultJSON", "json_signature" : "$resultJSONSignature" }

Response data contents (JSON encoded):

// Returned when verification succeeds
{"is_ok":true}
// Returned when verification fails
{"is_ok":false}
// Returned when the API call fails
{"errcode":"xxx","errmsg":"xxxxx"}