I am making an application for work that has many user devices, and only a few administrator devices.
The application uses fingerprint authentication (and has a feature for pin entry if your finger is cut or otherwise somehow unrecognized). The application is for emergencies, so I need to be able to have administrators be able to authenticate themselves on user devices.
Is there a way to copy an administrator's fingerprint from his/her device and add that to a user's device? In the case of an emergency, the admin may not have their device, but only have access to a user's device.
If you're using Android 6.0 fingerprint APIs, I'm afraid to tell you that technically is not possible. For security reasons, the fingerprint remains safely encrypted in the device, thus it's not possible to extract it.
A Google engineer, part of the team responsible for the Nexus 5X and Nexus 6P, replied the following, to an user in Reddit:
Fingerprint features are securely encrypted on the device, and processed in the secure Trustzone protected area of memory. The Android 6.0 fingerprint APIs do not provide any access to the fingerprint material to apps. Fingerprint features never leave the device and are not shared with Google (so for example if you setup a new phone, you need to re-enroll your fingers). If your phone is ever lost or stolen you can easily find, lock, and erase your phone using Android Device Manager.
Accordingly, it's not possible to duplicate fingerprints that you cannot extract from your application.