Identity Check is a security feature introduced with Android 16 that requires biometric authentication for sensitive actions, even if someone has the device PIN or password.
When Identity Check is enabled, actions such as changing passkeys, modifying security settings, or accessing sensitive app data require the device owner's fingerprint or face authentication. A PIN, pattern, or password alone is not sufficient for these actions.
How does this affect enterprise?
For managed devices, Identity Check adds a layer of protection against scenarios where a device PIN is compromised or shared. This is particularly relevant for:
Identity Check requires individual user activation - there is no AMAPI policy field to enable or enforce it centrally. Users must opt in through Settings > Security & Privacy on each device. Administrators cannot toggle it on remotely, but can detect its state and build compliance rules around it.
From Android 16 QPR2, Identity Check extends beyond system settings to any app that uses the standard Android biometric prompt API. When the device is outside trusted locations, the PIN/password fallback is removed entirely for biometric prompts - the user must authenticate with a fingerprint or face. This applies to:
BiometricPrompt for authentication (banking, authentication, MTD/EDR agents)
For enterprise, this means any managed app using biometric prompt inherits stronger authentication outside trusted locations without the app developer needing to change anything. Administrators should ensure biometric enrolment is configured on devices where Identity Check is active, since there is no fallback to PIN/password outside trusted locations.
This feature is part of Android's broader move towards zero-trust security principles at the device level, complementing existing features like Device Trust signals and hardware-backed attestation.