Touch ID is the Apple feature that using a capacitive biometric sensor, scans fingerprints and compares them with those stored in the system.
Its use is increasingly demanded because it allows unlocking devices and/or iOS applications easily placing a finger on the sensor that identifies us as trusted device users. This feature adds simplicity as well as a secure access to our data.
Touch ID not only can be used to unlock the device, but also our applications!
We will follow a behaviour similar to the OS one. Before starting working with fingerprints, we have to set a pincode for the app. And in addition, when the users want to unlock the app, they can choose Touch ID or Passcode . Thus, we avoid blockages in case the fingerprint can’t be scanned.
Let’s code it!!
The Apple Local Authentication Framework , communicates with the sensor. For example, it let us know if Touch ID is available. Keep in mind that not all devices have this feature:
- (BOOL)isTouchIDAvailable {
NSError *error = nil;
if([[[LAContext alloc] init] canEvaluatePolicy:LAPolicyDeviceOwnerAuthenticationWithBiometrics error:&error]){
return true;
}
else{
DLog(@"touchID not available: %@", error.description);
return false;
}
}Right!! After checking that Touch ID is ready, we can show an alertView to ask the user to place the finger to be scanned and compare it with the stored fingerprints:
- (void)showTouchIDAuth {
if (self.isTouchIDAvailable) {
[[[LAContext alloc] init] evaluatePolicy:LAPolicyDeviceOwnerAuthenticationWithBiometrics localizedReason:@“Unlock ownCloud" reply:^(BOOL success, NSError * error){
if(error) {
NSString *failureReason;
//depending on error show what exactly has failed
switch (error.code) {
// Authentication was not successful, because user failed to provide valid credentials.
case LAErrorAuthenticationFailed:
failureReason = @"Touch ID authentication failed because user failed to provide valid credentials";
break;
// Authentication was canceled by user (e.g. tapped Cancel button).
case LAErrorUserCancel:
failureReason = @"Touch ID authentication cancelled";
break;
// Authentication was canceled, because the user tapped the fallback button (Enter Password)
case LAErrorUserFallback:
failureReason = @"Touch ID authentication choose password selected";
break;
// Authentication was canceled by system (e.g. another application went to foreground).
case LAErrorSystemCancel:
failureReason = @"Touch ID authentication was canceled by system";
break;
// Authentication could not start, because passcode is not set on the device.
case LAErrorPasscodeNotSet:
failureReason = @"Touch ID authentication failed because passcode is not set on the device";
break;
// Authentication could not start, because Touch ID is not available on the device.
case LAErrorTouchIDNotAvailable:
failureReason = @"Touch ID authentication is not available on the device";
break;
// Authentication could not start, because Touch ID has no enrolled fingers.
case LAErrorTouchIDNotEnrolled:
failureReason = @"Touch ID authentication failed because has no enrolled fingers";
break;
default:
failureReason = (error.code == -1000)? @"Touch ID time out":@"Touch ID unknown error";
break;
}
DLog(@"Authentication failed: %@", failureReason);
}
if(success) {
DLog(@"Successfully Touch ID authenticated");
}
else{
DLog(@"Touch ID. The finger print doesn't match");
}
}];
} else {
DLog(@"Your device cannot authenticate using TouchID.");
}
}How would the view look like?
After showing the alertView, the user has up to 3 attempts to unlock the app with Touch ID. If the scanning fails or the cancel option is tapped, the pincode can be entered.
Do you use Touch ID to unlock your apps? We have implemented it on ownCloud iOS app. Feel free to have a look and contribute: https://github.com/owncloud/ios
