It has been proven that hackers can manipulate your screen with some fake click exploits, so you may be able to click on the "Grant" button when you receive a superuser request. This is the last thing you want, since the malicious app has full system permissions from that point on. Fortunately, using a fingerprint to block your superuser needs can prevent this.
Although not as common as traditional malware programs, there are malicious apps that try to gain control over your system through root access. As root users, these types of apps pose a more dangerous threat to you and your personal information as they have the freedom to act at will. Why take a risk when hackers are always looking for new ways to exploit the system?
The fingerprint authentication used by Magisk is the same system-level API that binds to your phone when it's unlocked-it's not an external method of collecting your biometric data. Google enforces this on every app that has a fingerprint feature, which further improves your security level for all apps. Your data is only stored on your device ̵
Enabling Fingerprint Authentication in Magisk
Open the Magisk Manager app, tap the menu button on the left, and then go to Settings. Section. Scroll to the bottom of the page and turn on Enable Fingerprint Authentication. As long as you have already registered a fingerprint to unlock your phone, Magisk will ask you to authenticate it once to confirm your selection.
After confirming your biometric data, any new superuser request received through Magisk will be asked for fingerprint authentication, typical "Grant" or "Deny" responses. Also, make sure the Auto Answer option is set to Prompt to make sure that it works properly. For example, if permissions are granted automatically, the security of your fingerprints will be overridden altogether.
It is at least impressive to be able to make all sorts of new system changes using root access. However, it's not much fun when a fraudulent app tries to hijack your system with the same root access. Now you can control all superuser requests with your fingerprint, which means your device is even safer than before. Have fun!