Authenticator for Android
offline, encrypted, hardware-backed.
ZeroAuth for Android is in active development. The architecture uses Android Keystore for hardware-backed key isolation, Android AutofillService for native autofill, and AES-256-GCM encryption for the local-first credential vault — all operating without cloud sync.
Android architecture
Android security integration
Android Keystore
Encryption keys stored in Android Keystore with hardware-backed TEE isolation. Keys generated inside the secure environment cannot be extracted by software.
Android Autofill Service
Native Android AutofillService integration for autofilling credentials and live TOTP codes in compatible apps without a browser extension.
Biometric unlock
BiometricPrompt API integration for fingerprint and face biometric vault unlock, backed by Android hardware security.
Offline TOTP generation
Generates TOTP codes using local clock and device-stored encrypted seeds. Fully functional without internet access.
AES-256-GCM encrypted vault
Credentials encrypted with AES-256-GCM using a PBKDF2-derived key. Encrypted data stored in Android private app storage.
Local encrypted backup
AES-256 encrypted backup files storable anywhere — local storage, SD card, or any location the user chooses. No cloud dependency.
Questions
Android questions answered
Is ZeroAuth available on Android?
ZeroAuth for Android is in active development. The iOS version is currently available on the App Store. Android release information will be announced on this page and through the ZeroAuth newsletter.
How does ZeroAuth use the Android Keystore?
ZeroAuth uses the Android Keystore system to store the AES-256 encryption key for the vault. Android Keystore provides hardware-backed key isolation: keys are generated and stored in the Trusted Execution Environment (TEE) or Secure Element and cannot be extracted by software.
Does ZeroAuth support fingerprint unlock on Android?
Yes. ZeroAuth uses the Android BiometricPrompt API to provide fingerprint and face biometric unlock for the vault. Biometric authentication is backed by Android Keystore and operates within the hardware security boundary.
Does ZeroAuth integrate with Android Autofill?
Yes. ZeroAuth integrates with the Android Autofill Service framework, allowing it to suggest and autofill usernames, passwords, and TOTP codes in compatible apps. This uses the standard Android AutofillService API.
Does ZeroAuth work offline on Android?
Yes. TOTP generation uses the device clock and locally stored encrypted seeds — no network connection is required. Vault access and autofill also operate offline.