6

Im using Touch id to identify iPhone users in my app, when is use canEvaluatePolicy: LAPolicyDeviceOwnerAuthenticationWithBiometrics to evaluate if the user is eligible for using Touch id, but after many failed tries even if the user is eligible for using touch id, it returns FALSE.

And that will lead the app to skip this step and thinks that the touch id is not supported in this device.

Here is the error i get:

Error Domain=com.apple.LocalAuthentication Code=-8 "Biometry is locked out." UserInfo={NSLocalizedDescription=Biometry is locked out.}

Mutawe
  • 6,464
  • 3
  • 47
  • 90
  • 1
    Do you have a question? After too many failed touch id attempts, you need the user to enter their passcode http://stackoverflow.com/questions/29728762/getting-touch-id-notification-if-passcode-is-used – Paulw11 Oct 24 '16 at 07:21
  • Mutawe: Have you found the answer to you problem? It seems that the problem is related to iOS 10 (for me it works properly on iOS 9) – tgebarowski Nov 24 '16 at 07:17
  • tgebarowski: For me once the Biometry is locked out, i ask the user to enter his profile password, since the login depends on web service user authenticating – Mutawe Nov 24 '16 at 08:09
  • Mutawe: understood. So you didn't find any way to unlock the biometry? – tgebarowski Nov 24 '16 at 08:14
  • Nothing yet, sadly! – Mutawe Nov 24 '16 at 11:11
  • @Mutawe I have installed PayPal iOS app in my phone which uses Finger print authentication for login. In that app even if we try to login with wrong finger (ie biometry locked out case) the app again falls back to the "canEvaluateTouchID" option without needing to unlock the device with passcode ? Any idea how this is implemented ? – subin272 Jun 12 '18 at 07:42

2 Answers2

12

Ok, I think that I found the answer. Hopefully it will help you. When you get

Error Domain=com.apple.LocalAuthentication Code=-8 "Biometry is locked out." UserInfo={NSLocalizedDescription=Biometry is locked out.}

iOS 10 blocks access to TouchID, it can be either unlocked by providing passcode on iOS unlock screen, accessing TouchID iOS settings and providing the passcode there or manually triggering the passcode screen from within the app. You can open the passcode screen using, following snippet.

let context = LAContext()
context.evaluatePolicy(LAPolicy.DeviceOwnerAuthentication,
                           localizedReason: reason,
                           reply: { (success, error) in
})

Of course you can first check if this policy can be evaluated.

So in the end, when the user successfully enters passcode, the biometry will be unlocked. Before iOS 10, this was done automatically by the operating system.

tgebarowski
  • 1,189
  • 11
  • 14
  • as you say, on iOS 10 TouchID also can be unlocked by "manually triggering the passcode screen from within the app“. But how? I know before iOS 10, you could just evalueatePolicy again, the system passcode input interface will appear and then activate the TouchID. but when you do this on iOS 10, you just get an error code -8 forever. Any help will be appreciated. :) – Neal.Marlin Jan 18 '17 at 03:05
  • 1
    Neal.Martin, sorry for such a late response. You have to re-evaluate policy with LAPolicy.DeviceOwnerAuthentication, when you get this error. When you do this you will display passcode screen. When user enters his PIN, biometrics will be unlocked. Prior to iOS 10 this step was not needed. – tgebarowski Feb 22 '17 at 07:52
  • Yep!I make it by my self. After evaluating policy with DeviceOwnerAuthentication, I got success code. Then I went back to the prior trick to form a checking cycle. That's it! Thanks all the same for U are so nice guy. :) – Neal.Marlin Feb 22 '17 at 08:01
0

You can unlock the biometry by authenticating the user using passcode. Just paste this function in your project and call this function before authenticating user using Touch ID.

If it returns true run Touch ID authentication and if it fails due to biometry lock out than it will ask user to enter iPhone passcode to unlock biometry. This will happen within the app.

func isBiometryReady() -> Bool
{
        let context : LAContext = LAContext();
                var error : NSError?

            context.localizedFallbackTitle = ""
            context.localizedCancelTitle = "Enter Using Passcode"

            if (context.canEvaluatePolicy(LAPolicy.deviceOwnerAuthenticationWithBiometrics, error: &error))
            {
                    return true
            }

            if error?.code == -8
            {
                let reason:String = "TouchID has been locked out due to few fail attemp. Enter iPhone passcode to enable TouchID.";
                context.evaluatePolicy(LAPolicy.deviceOwnerAuthentication,
                                       localizedReason: reason,
                                       reply: { (success, error) in

                                        return false

                })

                return true


            }

    return false
}
Prasad Patil
  • 117
  • 1
  • 10