"panicString" : "panic(cpu 3 caller 0xfffffff02eab5184): AppleSEPManager panic for AppleSEPKeyStore: sks request timeout\nFirmware type: UNKNOWN SEPOS\nSEP state: 7\nPM state: 2\nBoot state: 31\nMailbox status

I have integrated the face ID authentication using LAPolicy.deviceOwnerAuthentication of LocalAuthentication Is there a way to determine whether the user disabled the faceID in the app settings programatically ?

I am using deviceOwnerAuthentication policy of local authentication for biometric authentication. If user have not added any fingerprints or faceID, is there a method to determine it. LABiometricType is only checking if the device can support the touch/face ID. Couldn't find a method to determine if the user have added it.

Landscape face id doesn't work on my iphone 12 with the iOS 16 beta, and there is nothing on apples website that says which models are compatible. Is there a list available?

Can I add a lock screen on my iOS app? my requirement is : whenever a user opens the app, he/she need to unlock the app first then only he/she can operate the app.

Are there any resources that list the meta data used in TouchID attestation? I would like to only allow TouchID as the FIDO2 method and want to block the other FIDO2 methods.

Hello mates, I am having an issue while disabling user's biometry on iPhone 13 Pro Max. When I performs multiple failed recognition wrong attempts through Face ID, device Biometry does not get locked. I want to have some custom functionality after Biometry locking. This issue is only on iPhone 13 Pro Max whereas its working fine on physical iPhone 13 Pro. Had anyone this issue faced?. Any help would be appreciated. Thanks, Dawood gul

I added the NSFaceIDUsageDescription property to the Info.plist file, but my App Clip never prompts the user for Face ID permissions and context.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &error) returns the following error: Error Domain=com.apple.LocalAuthentication Code=-6 "User has denied the use of biometry for this app." UserInfo={NSLocalizedDescription=User has denied the use of biometry for this app.} Is Face ID intentionally forbidden on App Clips (perhaps due to security reasons)? It is not listed as one of the limitations in this documentation (Choosing the Right Functionality for Your App Clip - https://developer.apple.com/documentation/app_clips/choosing_the_right_functionality_for_your_app_clip) though.

Hello, I am currently working on a captive portal solution, which implements the sign-in with Apple feature. I have developed the feature to authenticate a client using a username/password. Authenticating the portal through iOS safari authenticates using the FaceID mechanism. However, the FaceID mechanism appears in the CNA but never authenticates successfully. I created the SSID in the meraki cloud controller with the required ACL's whitelisted from the below link. However, the issue still keeps occurring. https://support.apple.com/en-us/HT210060 Anyone else facing this type of issue, please provide some insights.

Hi, iOS 15.4 is bringing a new exciting security feature which allows users to enroll "masked face" so they can unlock their devices while wearing a mask. Some apps might leverage evaluatedPolicyDomainState (https://developer.apple.com/documentation/localauthentication/lacontext/1514150-evaluatedpolicydomainstate) to detect if the biometric state has changed, and if so, logging out/locking the user to protect their data. Looks like the masked-face enrolment changes the policy domain state as such it might lead to many unexpected logouts. Is there any way to detect if the change to the state was introduced by the masked face enrollment as such we can somehow retain the user's login session? Many thanks!

Hey, i just want to ask if there is any way to get Face ID on my IPhone 7. I just upgraded to IOS 15.4 now and please tell me a method without Jailbreak . ty David

Can a developer access the dot projector and other hardware used by faceid in order to scan objects?

I just registered a site for WebAuthn test. I want to delete this FIDO2 credential, from Apple TPM chipset, just like the command of Yibikey "ykman fido credentials delete" as. I cannot find my authentication datas from "KeyChain Access.app" I know that Yubikey has 25 FIDO2 credentials limit. Does Apple TPM chipset too? If i cannot delete this credential, will i get something error in feture use?

Is there any way to store the biometric information/data points that faceid collects in your own database? I know it's possible to allow users to log in using faceID on their own phones, however, is it possible to leverage facial recognition and make it a feature in my app? For instance, allowing any user to log into my app on any iphone just by scanning their face...

We use biometricID (faceID/touchID) authentication to access to a secret stored in keychain. We create the access control object with the biometryCurrentSet option as shown to make sure if FaceID / TouchID changes the entry should be invalidated. let secAccessControlObj = SecAccessControlCreateWithFlags(nil, kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly, .biometryCurrentSet, accessControlError) Below is the set and get query, Set Query: [String(kSecClass): kSecClassGenericPassword,         String(kSecAttrAccount): group as AnyObject,         String(kSecAttrService): service as AnyObject,         String(kSecUseAuthenticationUI) : kSecUseAuthenticationUIAllow as AnyObject,         String(kSecAttrAccessControl) : secAccessControlObj,         String(kSecValueData) : value as AnyObject,         String(kSecAttrCreationDate) : Date() as AnyObject] Get Query: [String(kSecClass): kSecClassGenericPassword,         String(kSecAttrAccount): group as AnyObject,         String(kSecAttrService): service as AnyObject,         String(kSecUseAuthenticationUI) : kSecUseAuthenticationUIAllow as AnyObject,         String(kSecAttrAccessControl) : secAccessControlObj,         String(kSecValueData) : value as AnyObject,         String(kSecAttrCreationDate) : Date() as AnyObject] Steps: Set the value in keychain using the set query above Reset the faceID Use the get query to get the value from keychain by authenticating against TouchID/ FaceID. Result: When we try to get the value from keychain using SecItemCopyMatching(query as CFDictionary, result) we get the error code errSecAuthFailed (-25293) on iOS 15. Analysis: Prior to this (iOS 14 and below) the error code would be errSecItemNotFound which makes more sense. This is an issue for iOS 15 only as we also get errSecAuthFailed when user backgrounds the app while authenticating with FaceID/TouchID. This creates a ambiguity for us. In our testing when we backgrounded the app while authentication is in progress, we found the actual call to SecItemCopyMatching(::) was made when app's state was actually active but when the call returned the state had become background and the error code was again errSecAuthFailed This seems to be a bug with iOS 15 as it creates a ambiguity for the caller. I think the error code returned after resetting faceID should still be errSecItemNotFound in which case we can know the secret is actually lost since FaceID is reset and can treat errSecAuthFailed as error where the secret is actually not lost but just that failed temporarily. Please let us know if we need to file a bug

We have an issue to log into website with Face ID using AutoFill feature of Safari on iPhone. We are Not using the Web Authentication API with FaceID. Our website has multiple html buttons on sign in page (forgot username, forgot password, sign in).  When Face ID is used to AutoFill username and password and login into the website it uses the forgot username button which leads to forgot username page. So instead of using sign in button it uses forgot username button.  Is there a html property that needs to be set on the sign in button so face id knows it should use that one? STEPS TO REPRODUCE  Enable iCloud Keychain  Enable AutoFill for your Names and Passwords in Safari settings.  Open Safari and browse to website. Sign in as you normally would by entering your username and password. A message should pop up asking if you would like to save this password in your iCloud Keychain for AutoFill on all your devices. Tap on Save Password.  Sign out of the site  Try to Sign in using FaceID Using: IOS 14.4.1 Safari 14 iPhone 12 pro

Hi all, I'm wondering if anyone has built apps specifically using FaceID, does apple allow developers to access FaceID source to develop app for features other than authentication? For example: Apple uses FaceID for attention awareness when diming the screen... I'd like to know if there are any apps out there that take advantage of the FaceID hardware in other ways?

Whenever user tries to login with biometric and it failed multiple times then the passcode screen appears and this is the screen which we don't want for our perfectly secure applications. We are looking to authenticate user with biometric only and not fallback to passcode which is same as the Apple internal API https://developer.apple.com/documentation/security/secaccesscontrolcreateflags where we can enforce user to use biometric based login. Although we like WebAuth framework but this is the only reason we cannot move forward with the WebAuthn framework. is it something Apple can think about providing to make application more secure ?

I've got some admittedly old Objective-C code handling Keychain items protected by Touch ID / Face ID that uses the access control flag kSecAccessControlTouchIDCurrentSet, accessing the items would fail with errSecItemNotFound when the user adds or removes a finger/face from the device, however on iOS 15.0 this is not happening. It does work on iOS 14.6 still. My deployment target is still iOS 11.0 so I haven't moved to kSecAccessControlBiometryCurrentSet as the replacement for the now deprecated TouchID value - but the enum raw values are the same so I don't see how that could be the cause. I can't see what the new error code is, because I'm not using Xcode 13, but I'll try and get the DeviceSupport copied in (official support for this is please!) to help search: Swift touchIDCurrentSet biometryCurrentSet Objective-C kSecAccessControlTouchIDCurrentSet kSecAccessControlBiometryCurrentSet

I'm making an application in Expo using the expo-facebook library and I don't know why the login trying it from an IOs emulator sends me to the Expo Go login instead of that of my Facebook application when I share the code with the shared code Facebook id. Jobs when I return to the app tells me the credentials are incorrect. It just happens to me with Ios, on android I'm fine. Can you help me