hwsecurity / de.cotech.hw / SecurityKeyManager /


open class SecurityKeyManager

The SecurityKeyManager is a singleton class for high-level management operations of security keys.

To use security keys in your App, you must first initialize it using init. This is usually done in onCreate.

Once initialized, this class will dispatch newly connected security keys to all currently registered listeners. Listeners can be registered with registerCallback.

public void onCreate() {
    SecurityKeyManager securityKeyManager = SecurityKeyManager.getInstance();

A callback is registered together with a SecurityKeyConnectionMode, which establishes a connection to a particular type of Security Token, such as FIDO2, FIDO, PIV, or OpenPGP. Implementations for different SecurityKeyConnectionModes are shipped as artifacts, such as hwsecurity-fido2, hwsecurity-fido, hwsecurity-piv, and hwsecurity-openpgp. Apps will typically use only a single type of Security Key.

To receive callbacks in an Activity, register for a callback bound to the Activity’s lifecycle:

public void onCreate() {
    FidoSecurityKeyConnectionMode connectionMode = new FidoSecurityKeyConnectionMode();
    SecurityKeyManager.getInstance().registerCallback(connectionMode, this, this);
public void onSecurityKeyDiscovered(FidoSecurityKey securityKey) {
    // perform operations on FidoSecurityKey

Advanced applications that want to work with different applets on the same connected Security Key can do so using de.cotech.hw.raw.RawSecurityKeyConnectionMode.


Name Summary

open fun clearConnectedSecurityKeys()

This method clears and releases all connected security keys.Calling this method will clear the managed state of all persistently connected Security Keys.This operation should not be called during regular operation, since all managed devices (NFCand USB) are automatically cleaned up when they are disconnected.

getConnectedPersistentSecurityKeys open fun getConnectedPersistentSecurityKeys(): List<SecurityKey>
open fun <T> getConnectedPersistentSecurityKeys(clazz: Class<T>): List<T>

open fun getInstance(): SecurityKeyManager

Returns the singleton instance of SecurityKeyManager.


open fun init(application: Application)

This method initializes SecurityKeyManager with a default configuration.

open fun init(application: Application, securityKeyManagerConfig: SecurityKeyManagerConfig)

This method initializes SecurityKeyManager.This method initializes dispatch of security keys while the App is in the foreground.


open fun isNfcHardwareAvailable(): Boolean

Returns true iff NFC hardware is available.Note that NFC hardware might still be disabled, e.g.


open fun isUsbHostModeAvailable(): Boolean

Returns true if USB host mode is available.The USB host mode hardware feature is necessary to connect USB accessories (such as Security Keys) toan Android device.

onNfcIntent open fun onNfcIntent(intent: Intent)
onUsbIntent open fun onUsbIntent(intent: Intent)
rediscoverConnectedSecurityKeys open fun rediscoverConnectedSecurityKeys()

open fun <T : SecurityKey?> registerCallback(mode: SecurityKeyConnectionMode<T>, lifecycleOwner: LifecycleOwner, callback: SecurityKeyCallback<T>)

Registers a callback for when a security key is discovered.


open fun <T : SecurityKey?> registerCallbackForever(mode: SecurityKeyConnectionMode<T>, callback: SecurityKeyCallback<T>)

Registers a callback for when a security key is discovered.