Local Authentication

Local Authentication is used to authenticate users biometrically or with a passphrase, they already know.  It is used to implements biometric authentication like TouchID and FaceID. In this blog, we will see how to add biometrics into the application. So let’s begin.

Firstly we need to import the Local Authentication framework.

Secondly, we need to verify that the device supports FaceID or TouchID. For this, we need to use canEvaluatePolicy() method of the LAContext class. This method accepts the security policy type as an argument. So, You need to pass the security policy type in canEvaluatePolicy() method.  There are two types of security policy provided by this framework.

1. .deviceOwnerAuthenticationWithBiometrics

   • This policy type is used to authenticate using a biometric method (Touch ID or Face ID). If it is not available, not enrolled, or locked out, then the result of this policy will fail with LAErrorBiometryNotAvailable, LAErrorBiometryNotEnrolled, or LAErrorBiometryLockout. 

2. .deviceOwnerAuthentication

   • This policy type is used to be authenticated by biometry or device passcode. If it is available, enrolled, and not locked out, users are asked for it first. Else,  the device passcode fill option will be shown. If the passcode is not enabled, policy result will fail with LAErrorPasscodeNotSet.

Thirdly and most important you need to request the biometric system to ask the reason for the biometric scan. For TouchID you need to write the string in the code. And for FaceID you need to write the string in Info.Plist file.

 

Now we need to call the evaluatePolicy() method with the same security policy type and it accept a tailing closure which contains the result of the policy evaluation.

The tailing closure contains 2 parameters, 1st one contains the boolean condition which tells if the login is a success or not. If not successful then the error message will be shown on the 2nd parameter.

Now let the see the complete code of this Local Authentication feature.

Now the only last thing that remains to talk about is &error. The Local Authentication framework uses the Objective-C style for reporting the error, therefore, we need to use NSError for handle error.

 

Thank you for reading this article. If you want to read more articles regarding iOS Development click here or if you want to know more about Local Authentication then do check out this apple doc.