Xposed module that skips the confirm step after face unlock
About this app
Biometric Bypass is an Xposed module that makes face unlock feel instant by skipping the confirmation step Android enforces after biometric authentication.
Even after your face is recognized, Android often shows a "tap to confirm" dialog before letting you through. This module removes that dialog system-wide, so a successful scan unlocks straight away instead of waiting for a second tap.
It works by hooking into System UI, so the bypass applies everywhere, including banking and security-sensitive apps that would normally force the extra step.
Requirements
• Android 10 (API 29) or higher
• An Xposed framework with libxposed API 101 support
• An AOSP-based or close-to-stock ROM (OEM skins like MIUI or One UI are untested and likely unsupported)
A note on security
Removing the confirmation step trades a little security for speed. With it enabled, anything that satisfies the biometric sensor, including a spoof or your own face while you are asleep, will unlock without the extra tap. Use it where that tradeoff makes sense for you.
Licensed under MIT, by hxreborn.
What's New in v2.0.1
Imported from the F-Droid repository index.
- Click confirm on the first frame the dialog is shown
- Run retries on the view handler instead of coroutines to avoid misses in some scenarios
- Skip non-main SystemUI processes
- Cache AuthContainerView reflection at hook setup
- Drop unused dependencies
Version history
Jun 25, 2026 · 0.1 MB · Android API 29–36 · code 201
Imported from the F-Droid repository index.
- Click confirm on the first frame the dialog is shown
- Run retries on the view handler instead of coroutines to avoid misses in some scenarios
- Skip non-main SystemUI processes
- Cache AuthContainerView reflection at hook setup
- Drop unused dependencies
SHA-256 c9c176029eb562ec68c65b65682e4bcbd5a56ee55b3b91eee61da5b407e1c2be
Mar 18, 2026 · 0.1 MB · Android API 29–36 · code 200
Imported from the F-Droid repository index.
- Migrate to libxposed API 101. Requires an LSPosed Manager with API 101 support.
- - Upgrade to Gradle 9.4, AGP 9.1.0, Kotlin 2.3.10
- - Update coroutines to 1.10.2
SHA-256 842b6f0ea74df37d0e0902ef10314d552ef4fce8b1fc41ebda379b97424c8445
Jan 12, 2026 · 0.2 MB · Android API 29–36 · code 102
Imported from the F-Droid repository index.
- NOTE: New signing key - uninstall previous version before updating.
- - Target Android 16 (SDK 36)
- - Update AGP to 8.11.0 and Kotlin to 2.1.21
- - Add CI/CD release pipeline
SHA-256 81e3350bdaed6b9d9454f0e82eff2b97b6a7297d70be270878d90975e66e5c76
Will it run on your device?
60%
- Targets newer Android builds, so legacy devices may be excluded.
- ABI coverage is focused on newer 64-bit devices.
- Aligned with the latest Android target SDK expectations.
Installation Guide
Open Settings on your Android device
Go to Security → Unknown sources (or Install unknown apps)
Enable "Allow from this source" for your browser or file manager
Open the downloaded APK file from your Downloads folder
Tap "Install" and wait for installation to complete
Launch the app from your home screen
Make sure to re-enable Unknown Sources restrictions after installation for security.
How to install this safely
How to verify the file you downloaded
Before you install anything, confirm the file is the one described here. On a computer, run shasum -a 256 your-download.apk (macOS or Linux) or certutil -hashfile your-download.apk SHA256 (Windows), then compare the output character-for-character with the SHA-256 on this page. If a single character differs, the file is not the build we recorded — delete it.
What the signing certificate proves
Every Android app is signed with a private key that only its developer holds. The fingerprint on this page is a hash of the matching public certificate, and it proves continuity rather than identity: it tells you a build came from whoever signed the earlier ones. Android enforces this at install time — if a package claiming to be eu.rafareborn.biometricbypass is signed with a different key, the system will refuse to install it over your existing copy. A fingerprint that changes between releases is worth pausing on, because a repackaged app that has been modified by someone else cannot keep the original signature.
How to roll back to an earlier version
If the current release misbehaves, 2.0.0 is the last build before it. Android will not install an older version code over a newer one, so you must uninstall Biometric Bypass first — which clears its local data unless you have a backup. Reinstall the older APK only if its signing fingerprint matches the build you already trust, and check the API range: an older release may target an Android version your device has moved past.
Why we list sources instead of hosting everything
The official store channel is almost always the right choice: it updates automatically and carries the publisher's own distribution guarantees. A direct APK is useful when a device has no store access, when a rollout has not reached your region, or when you need a specific version — and only when the publisher has authorized that copy. APKBrowse does not list pirated, cracked, or unauthorized rebuilds of Biometric Bypass, and a listing is removed when the evidence for it stops holding up.
Get Biometric Bypass
Every source we list for eu.rafareborn.biometricbypass is legality-reviewed. Pirated or cracked builds are never offered.
Other sources
F-Droid listing
officialF-Droid builds this app from source and signs it. This is its official listing, with older builds and full release notes.
Source code
verified publisherThe upstream repository this build is compiled from.
We check legality and signature continuity, but device behaviour still varies. Install at your own discretion.
App Information
Security Verification
We record provenance; we do not run malware scans. Verify the hash yourself before installing.
SHA-256 Hash
c9c176029eb562ec68c65b65682e4bcbd5a56ee55b3b91eee61da5b407e1c2be
Signing certificate
32b98dc709a7ee15fae073493a1aeca5d428316cc0d8b8f878eed64ba37f3297
Previous Versions
The signing certificate fingerprint for this release is on record, so a build that does not match it did not come from this publisher.
Report a problem with this listing
A listing is only as good as its corrections. If a source is broken, a signature looks wrong, or this app should not be here, tell the moderation team.