Flutter biometric authentication and secure MQTT IoT bridge. Verify users with platform biometrics, generate cryptographic tokens, and trigger trusted device actions with hardware-level security.

Bridge layer for biometric IoT devices and developer integrations.

biometric_iot_bridge is a Flutter plugin that connects device biometrics with secure token generation and IoT device signaling.

It allows Flutter apps to securely:

• Verify users using fingerprint / face / device credentials
• Generate cryptographically secure tokens
• Send trusted commands to IoT devices via MQTT

This package is designed for security-sensitive, device-aware, and remote-control workflows.

┌───────────────────────┐
│     Flutter App       │
│  (Dart / UI Layer)    │
└──────────┬────────────┘
│
│ verifyBiometrics()
▼
┌───────────────────────┐
│   local_auth Plugin   │
│ (Platform Biometrics) │
└──────────┬────────────┘
│ Success / Failure
▼
┌───────────────────────┐
│  Token Generation     │
│ (SHA-256 via crypto)  │
└──────────┬────────────┘
│
│ sendRemoteSignal()
▼
┌───────────────────────┐
│    MQTT Client        │
│   (mqtt_client)       │
└──────────┬────────────┘
│
▼
┌───────────────────────┐
│    IoT / Backend      │
│ (Broker / Device)     │
└───────────────────────┘

Add to your pubspec.yaml:

dependencies:
  biometric_iot_bridge: ^0.1.4

Then fetch packages:

flutter pub get

Add to android/app/src/main/AndroidManifest.xml:

<uses-permission android:name="android.permission.USE_BIOMETRIC"/>
<uses-permission android:name="android.permission.USE_FINGERPRINT"/>

Add to ios/Runner/Info.plist:

<key>NSFaceIDUsageDescription</key>
<string>This app uses Face ID / Touch ID to verify your identity.</string>

No additional setup required. Uses native device authentication APIs.

import 'package:biometric_iot_bridge/biometric_iot_bridge.dart';

final bridge = BiometricIotBridge();

final authenticated = await bridge.verifyBiometrics();

if (!authenticated) {
  print("Authentication failed");
  return;
}

final token = bridge.generateSecureToken("my_secret_key");

await bridge.sendRemoteSignal("iot/unlock", token);

final bridge = BiometricIotBridge();

final authenticated = await bridge.verifyBiometrics();
if (!authenticated) return;

final token = bridge.generateSecureToken("your_secret_key");

await bridge.sendRemoteSignal("iot/device/action", token);

This package follows a non-invasive security model:

• Uses platform-native biometric APIs — no raw biometric data accessed
• Does NOT store fingerprint / face data
• Cryptographic token generation via SHA-256
• Designed for trust signaling, not identity storage

⚠️ Important: Always validate tokens server-side or device-side.

biometric_iot_bridge assumes:

Trusted Components

• OS biometric subsystem
• Secure enclave / TEE (when available)
• MQTT transport security (developer responsibility)

Out of Scope

• Broker compromise
• Replay attacks without nonce/expiry
• Secret key management

Recommended Hardening

• Use TLS MQTT (port 8883)
• Add token expiry / nonce
• Rotate secrets periodically
• Validate topic permissions

• Smart locks / physical access systems
• IoT device authorization
• Hardware-bound trust flows
• Secure remote triggers
• Multi-factor security pipelines

Future<bool> verifyBiometrics()

Triggers platform biometric authentication.

String generateSecureToken(String secret)

Returns SHA-256 hash token.

Future<void> sendRemoteSignal(String topic, String token)

Publishes token to MQTT topic.

• Predictable API behaviour
• Minimal abstraction
• Security-aware defaults
• Broker-agnostic design

This package follows pub.dev best practices:

• ✅ Platform setup documented
• ✅ Example usage provided
• ✅ Null-safe Dart
• ✅ Lints enabled
• ✅ License included
• ✅ Repository metadata defined

PRs and improvements welcome.

Repository: https://github.com/SEOSiri-Official/biometric_iot_bridge

MIT License. See LICENSE.

Developed & maintained by:

Momenul Ahmad SEOSiri — https://www.seosiri.com

If this package is useful:

• ⭐ Star the GitHub repository
• 👍 Like on pub.dev
• 🐛 Report issues