Skip to content

[@nativescript/biometrics] Issue with verifyBiometric on iOS 18.3.1: Unable to Retrieve Stored Secret When Using pinFallback #616

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
kyrstencarlson opened this issue Feb 28, 2025 · 1 comment
Open

[@nativescript/biometrics] Issue with verifyBiometric on iOS 18.3.1: Unable to Retrieve Stored Secret When Using pinFallback #616

kyrstencarlson opened this issue Feb 28, 2025 · 1 comment
Assignees
@NathanWalker
Labels
in progress

Comments

@kyrstencarlson
Copy link

kyrstencarlson commented Feb 28, 2025
edited
Loading

Description

While using iOS 18.3.1, I encountered an issue with the verifyBiometric function where enabling pinFallback prevents retrieval of the stored secret.

Code Example

this._BiometricAuth.verifyBiometric({
    title: 'Authenticate',
    message: 'Verify your identity to access your account.',
    keyName: 'MyKeyName',
    pinFallback: true, // Allow fallback to device passcode
    ios: {
      fetchSecret: true, // Retrieve stored secret upon successful authentication
      customFallback: false, // Do not use custom fallback logic
    },
});

Expected Behavior

  • If Face ID fails, the system should prompt the user to enter their device passcode.
  • After successful authentication (via Face ID or passcode), the stored secret should be retrievable.

Actual Behavior

  • When pinFallback: true, the stored secret is not accessible.
  • This behavior seems to be affected by customFallback: false, even though I intend for it to behave similarly to Face ID authentication.
  • If pinFallback: false, Face ID failures result in an error (SecItemCopyMatching), and the passcode prompt does not appear.

Question

Is there a way to retrieve the stored secret when pinFallback: true and customFallback: false? Am I missing a configuration that allows proper fallback behavior while still being able to fetch the stored secret?

Environment

  • iOS Version: 18.3.1
  • Biometric Authentication Library: @nativescript/biometrics: "1.3.1"
  • Device Model: iPhone 15 Pro, iPhone 16

Any guidance or workarounds would be greatly appreciated!
@kyrstencarlson kyrstencarlson changed the title [@nativescript/biometrics] Issue with verifyBiometric on iOS 18.1: Unable to Retrieve Stored Secret When Using pinFallback [@nativescript/biometrics] Issue with verifyBiometric on iOS 18.3.1: Unable to Retrieve Stored Secret When Using pinFallback Feb 28, 2025
@NathanWalker NathanWalker self-assigned this Feb 28, 2025
@jcassidyav
Copy link
Contributor

As noted here, enabling pin fallback disables the encryption functionality. this is because the underlying key used with the encryption is always protected by biometrics.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@NathanWalker NathanWalker

Labels
in progress
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@NathanWalker @jcassidyav @kyrstencarlson