As anyone who uses apps that allow for fingerprint authentication will know, the UI for each app's prompt can differ wildly. Android P will attempt to combat this by providing a new API. Additionally, Google will be blocking cleartext (unencrypted HTTP) by default for apps that use Network Security Configurations.

Currently, each app seems to be using a different prompt for fingerprint sign-in; for instance, Bank of America, Chase, Discover, and PayPal each have their own. It's something I've personally been wishing were more unified, especially since some of these prompts are just not very well-designed. Android P will provide a standard system dialog, and text and placement will be managed per device. This can be utilized by a new FingerprintDialog API, and Google recommends a switch to it ASAP.

Android P will also be blocking all cleartext traffic for apps using Network Security Configuration by default. This is due to an ongoing effort to move traffic away from unencrypted HTTP to TLS. Network Security Configuration users will now need to make connections over TLS, though you can opt into cleartext for specific domains.