Page tree
Skip to end of metadata
Go to start of metadata

Last updated: Dec 04, 2017 10:47

Many mobile devices now support hardware features that authenticate the user by reading a fingerprint or face identification. Using these readers, applications can better authenticate the user's identity. This is used both by the operating system, when opening the device and by applications, for example financial and medical applications, that require conclusive identification before accessing sensitive records.

Perfecto offers support for testing and automation of these applications on Perfecto Lab devices. When testing an application dependent upon the authentication hardware, the main feature to test is  the ability of the application to address the two scenarios:

  • User is successfully identified.
  • User is not authenticated by the sensor.

To cover these scenarios, Perfecto supports an extension command, supported by the REST API, Appium automation, UFT integration, Native Automation, and Perfecto's Manual testing interface, that can be used at the point of authentication to supply the different authentication results.

Testing/Automation Procedure

When testing or automating an application that accesses the fingerprint reader, use the following general procedure:

  1. Select the device to run the application on. Be sure that the device selected supports the reader hardware in question (fingerprint reader or camera reader for face identification).
  2. Install the application onto the device. Use Perfecto's sensor instrumentation to prepare the application for testing/automation.
  3. Start the application.
  4. When the application reaches the point of authentication, invoke the Set sensor authentication command to supply the authentication response.
    Many devices will prompt the user, with a popup, to use the identification reader. An automation script should check that the prompt appears.
  5. Check the different branches of the application.

Error Messages

The following error messages may appear as a result of using the interactive sensor authentication simulation feature:

  • Target application is not instrumented - will appear if you activate the Authentication widget when the active application is not instrumented for sensor authentication simulation.
  • Operation timed out - will appear if you activate the Authentication widget when the application is not accessing the sensor reader.
  • Fingerprint command not supported - will appear if the device does not support the sensor reader hardware, or is running a version of the device OS that does not support the functionality.

Selecting the Device

Fingerprint simulation will work with any Android or iOS device that supports the hardware fingerprint reader. For iOS, verify that the device is running iOS 9 or later..

FaceId will work only on iOS devices that support face identification (e.g. iPhone X).

In addition, iOS devices should normally be enrolled with the TouchID or FaceID service for the reader to be activated in the application. But if the Perfecto Lab device is not enrolled, the simulation software will intercede at the point that the instrumented application activates the reader and allow the tester or automation script to activate the simulation command.

Installing and Running the Application

The following subsections will explain how to install the application with Sensor Instrumentation, run the application, and using the Set Sensor Authentication command (to simulate the user using the sensor reader) in the different environments.

Appium Support

To activate the functionality from an Appium script do the following:

Installing the application

>> When installing the application as part of the driver creation add the following capability setting:

capabilities.setCapability("sensorInstrument", true);

>> If installing with the mobile:application:install Perfecto command, supply the sensorInstrument parameter, set to "sensor".

Map<String, Object> params = new HashMap<>();
// use either the "identifier" or "name" parameter to identify the app
params.put("sensorInstrument", "sensor"); 
//  <<additional parameters to identify the application to install>>
driver.executeScript("mobile:application:install", params);

Simulating sensor reader

>> At the point where the script needs to simulate the sensor reader, 

  1. Identify that the application is prompting the user to identify through the sensor reader.
  2. Run the mobile:sensorAuthentication:set command:
Map<String, Object> params = new HashMap<>();
// use either the "identifier" or "name" parameter to identify the app
params.put("identifier", <application package identifier>); 
params.put("resultAuth", "fail");  // may be either "fail" or "success"
params.put("errorType", " lockout");  // may be authFailed, userCancel, userFallback, systemCancel, or lockout
driver.executeScript("mobile:sensorAuthentication:set", params);

If the automation script is simulating a failure result (meaning the resultAuth parameter is set to fail) - the errorType parameter indicates more information on why the authentication failed. This allows the script to activate different failure scenarios. The error types supported include:

  • authFailed - indicates that the fingerprint was not recognized and therefore not authenticated.
  • userFallback - indicates that user selected an option to provide a different authentication method, for example using a password.
  • userCancel - indicates that user selected an option to cancel the authentication.
  • systemCancel - indicates that system cancelled the authentication.
  • lockout - indicates that this is a multiple-failure scenario and the user account should be locked.

Special Considerations for iOS Devices

As mentioned above, iOS requires that the device undergo an "enrollment" procedure with the Touch ID or Face ID service, prior to using the authentication hardware.

If the device has been enrolled with the identification service, then the procedure detailed above will work as described.

If the device has not yet been enrolled, the OS will not prompt the user to provide an authentication, and the Perfecto system will intercede and provide a prompt (see below) that can be identified either with Visual Analysis or as an object.

Native Automation/UFT Support

For Perfecto Native Automation or UFT scripts to use the new functionality -

>> In the Install application command - set the advanced "Sensor instrumentation" parameter to true.

>> Add a call to the Application -> Set Authentication command to the script at the point where the automation should authenticate a user.

  • Supply either the application name or application identifier for the application (that was instrumented) being tested.

  • Supply the simulated return value - true indicates that user is authenticated and false indicates user not authenticated

Known Limitations

At this point, the command has the following limitations:

  • There is no reset function for the simulation. If there is a need to run the application with direct activation of the sensor reader, you need to reinstall the application without the instrumentation.
  • The feature is supported for 
    • iOS devices running iOS 9.0+
    • Android devices running version 6.0+ .
  • The feature is only supported for devices that support the sensor reader interface.
  • Also see the general instrumentation limitations.