
Is there a way to use Touch ID with the iOS Keychain but not prompt for the user passcode?

I want to store user credentials securely in the iOS Keychain, but I only want the user to be able to use their fingerprint to retrieve the Keychain item. Is there a workflow for calling the Touch ID sensor to retrieve Keychain items with the ability to dismiss the passcode unlock or without falling back to the passcode at all?

I have implemented the methods defined in the WWDC session on Touch ID and Keychain, but I do not want to fall back on the device passcode like they do in their demo. I want the user to sign in traditionally once the fingerprint scan has failed.

strk14 asked Nov 13 '14 19:11



1 Answer

@kishikawa-katsumi is right, in iOS 8 there is no way to disable passcode fallback. The kSecAccessControlUserPresence access control flag makes an item accessible after either Touch ID or passcode authentication succeeds, and it doesn't even require Touch ID to be available.

But this has been improved in iOS 9. Two Touch ID-related flags, kSecAccessControlTouchIDAny and kSecAccessControlTouchIDCurrentSet, have been added.

So, you need to use either of these two flags when creating the access control object for the Keychain item (with the SecAccessControlCreateWithFlags function) and assign that object to the kSecAttrAccessControl attribute when adding the item with the SecItemAdd function.

There is an example from Apple that demonstrates this; see the addTouchIDItemAsync method. Also, see this post for an overview of other security-related changes in iOS 9.

skozin answered Nov 16 '22 00:11
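
The flow described in the answer, written out as an added example (this is not code from the original answer or from Apple's sample). The helper names, the service and account parameters, and the prompt string are assumptions; ARC is assumed.

```objective-c
#import <Foundation/Foundation.h>
#import <Security/Security.h>

// Hypothetical helper: store a secret that only Touch ID can unlock (iOS 9+).
static OSStatus StoreTouchIDOnlySecret(NSString *service, NSString *account, NSData *secret) {
    CFErrorRef error = NULL;
    // kSecAccessControlTouchIDCurrentSet: no passcode fallback, and the item is
    // invalidated if fingers are added or removed. kSecAccessControlTouchIDAny
    // keeps the item readable across enrollment changes.
    SecAccessControlRef access = SecAccessControlCreateWithFlags(
        kCFAllocatorDefault,
        kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly, // never synced or restored elsewhere
        kSecAccessControlTouchIDCurrentSet,
        &error);
    if (access == NULL) {
        if (error != NULL) CFRelease(error);
        return errSecParam;
    }
    NSDictionary *attributes = @{
        (__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword,
        (__bridge id)kSecAttrService: service,
        (__bridge id)kSecAttrAccount: account,
        (__bridge id)kSecValueData: secret,
        (__bridge id)kSecAttrAccessControl: (__bridge id)access
    };
    OSStatus status = SecItemAdd((__bridge CFDictionaryRef)attributes, NULL);
    CFRelease(access);
    return status; // errSecDuplicateItem if the item already exists
}

// Hypothetical helper: returns the secret, or nil on any failure (scan failed,
// user cancelled, item invalidated). On nil the caller shows the traditional
// sign-in form. SecItemCopyMatching blocks while the Touch ID sheet is up, so
// call this off the main thread.
static NSData *ReadTouchIDOnlySecret(NSString *service, NSString *account, OSStatus *outStatus) {
    NSDictionary *query = @{
        (__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword,
        (__bridge id)kSecAttrService: service,
        (__bridge id)kSecAttrAccount: account,
        (__bridge id)kSecReturnData: @YES,
        (__bridge id)kSecUseOperationPrompt: @"Sign in with Touch ID" // constructed prompt text
    };
    CFTypeRef result = NULL;
    OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, &result);
    if (outStatus != NULL) *outStatus = status;
    if (status != errSecSuccess) return nil;
    return (__bridge_transfer NSData *)result;
}
```

Because the access control object carries only a Touch ID flag and not kSecAccessControlUserPresence, the system has no passcode path to offer for this item; every non-success status is the app's cue to fall back to its own sign-in.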