Protect Keychain items with FaceID

App & System Services Core OS
Johan W OP
Created Sep ’17
Replies 1
Boosts 0
Views 2.0k
Participants 2

Hi,


I can only find the following LocalAuthentication doc about FaceID:

https://developer.apple.com/documentation/localauthentication

One new property, biometryType, to tell if device supports Touch ID or Face ID:

https://developer.apple.com/documentation/localauthentication/lacontext/2867583-biometrytype


But I can't find any doc about protecting keychain items with Face ID similar to Touch ID.

Will the documentation for this be available later or is only Local Authentication supported for Face ID?

If protecting keychain items with Face ID is supported, what will happen with applications that currently are using for example kSecAccessControlTouchIDCurrentSet or kSecAccessControlUserPresence to limit access to keychain items?


Br,

Johan

Replies  1
Boosts  0
Views  2.0k
Participants  2
jzilske OP
Sep ’17

> Will the documentation for this be available later or is only Local Authentication supported for Face ID?


The new Face ID Security whitepaper (https://images.apple.com/business/docs/FaceID_Security_Guide.pdf) states:


"Keychain items can also be protected with Face ID, to be released by the Secure Enclave only by a facial match or the device passcode. App developers also have APIs to verify that a passcode has been set by the user before requiring Face ID or a passcode to unlock keychain items."


> what will happen with applications that currently are using for example kSecAccessControlTouchIDCurrentSet or kSecAccessControlUserPresence to limit access to keychain items?


The API diffs (https://developer.apple.com/documentation?changes=latest_major) don't show changes in neither LocalAuthentication nor Security, so that's still unclear.

0
Protect Keychain items with FaceID
First post date Last post date
 
 
Q