This article, created by Mayank Birani, the author of Learning iOS 8 for Enterprise, Apple introduced a new feature in iOS 7 called Touch ID authentication. Previously, there was only four-digit passcode security in iPhones; now, Apple has extended security and introduced a new security pattern in iPhones. In Touch ID authentication, our fingerprint acts as a password. After launching the Touch ID fingerprint-recognition technology in the iPhone 5S last year, Apple is now providing it for developers with iOS 8. Now, third-party apps will be able to use Touch ID for authentication in the new iPhone and iPad OSes. Accounting apps, and other apps that contain personal and important data, will be protected with Touch ID. Now, you can protect all your apps with your fingerprint password.
(For more resources related to this topic, see here.)
There are two ways to use Touch ID as an authentication mechanism in our iOS 8 applications. They are explained in the following sections.
Touch ID through touch authentication
The Local Authentication API is an API that returns a Boolean value to accept and decline the fingerprint. If there is an error, then an error code gets executed and tells us what the issue is.
Certain conditions have to be met when using Local Authentication. They are as follows:
- The application must be in the foreground (this doesn't work with background processes)
- If you're using the straight Local Authentication method, you will be responsible for handling all the errors and properly responding with your UI to ensure that there is an alternative method to log in to your apps
Touch ID through Keychain Access
Keychain Access includes the new Touch ID integration in iOS 8. In Keychain Access, we don't have to work on implementation details; it automatically handles the passcode implementation using the user's passcode. Several keychain items can be chosen to use Touch ID to unlock the item when requested in code through the use of the new Access Control Lists (ACLs). ACL is a feature of iOS 8. If Touch ID has been locked out, then it will allow the user to enter the device's passcode to proceed without any interruption.
Unlock access to the largest independent learning library in Tech for FREE!
Get unlimited access to 7500+ expert-authored eBooks and video courses covering every tech area you can think of.
Renews at €18.99/month. Cancel anytime
There are some features of Keychain Access that make it the best option for us. They are listed here:
- Keychain Access uses Touch ID, and its attributes won't be synced by any cloud services. So, these features make it very safe to use.
- If users overlay more than one query, then the system gets confused about correct user, and it will pop up a dialog box with multiple touch issues.
How to use the Local Authentication framework
Apple provides a framework to use Touch ID in our app called Local Authentication. This framework was introduced for iOS 8. To make an app, including the Touch ID authentication, we need to import this framework in our code. It is present in the framework library of Apple. Let's see how to use the Local Authentication framework:
- Import the Local Authentication framework as follows:
#import<localAuthentication/localAuthentication.h>
This framework will work on Xcode 6 and above.
- To use this API, we have to create a Local Authentication context, as follows:
LAContext *passcode = [[LAContext alloc] init];
- Now, check whether Touch ID is available or not and whether it can be used for authentication:
- (BOOL)canEvaluatePolicy:(LAPolicy)policy error:
(NSError * __autoreleasing *)error;
- To display Touch ID, use the following code:
- (void)evaluatePolicy:(LAPolicy)policy localizedReason:
(NSString *)localizedReason
reply:(void(^)(BOOL success, NSError *error))reply;
- Take a look at the following example of Touch ID:
LAContext *passcode = [[LAContext alloc] init];
NSError *error = nil;
NSString *Reason =
<#String explaining why our app needs authentication#>;
if ([passcode canEvaluatePolicy:
LAPolicyDeviceOwnerAuthenticationWithBiometrics
error:&error])
{
[passcode evaluatePolicy:
LAPolicyDeviceOwnerAuthenticationWithBiometrics
localizedReason:Reason reply:^(BOOL success, NSError
*error) {
if (success)
{
// User authenticated successfully
} else
{
// User did not authenticate successfully,
go through the error
}
}];
}
else
{
// could not go through policy look at error and show
an appropriate message to user
}
Summary
In this article, we focused on the Touch ID API, which was introduced in iOS 8. We also discussed how Apple has improved its security feature using this API.
Resources for Article:
Further resources on this subject:
Germany
Slovakia
Canada
Brazil
Singapore
Hungary
Philippines
Mexico
Thailand
Ukraine
Luxembourg
Estonia
Lithuania
Norway
Chile
United States
Great Britain
India
Spain
South Korea
Ecuador
Colombia
Taiwan
Switzerland
Indonesia
Cyprus
Denmark
Finland
Poland
Malta
Czechia
New Zealand
Austria
Turkey
France
Sweden
Italy
Egypt
Belgium
Portugal
Slovenia
Ireland
Romania
Greece
Argentina
Malaysia
South Africa
Netherlands
Bulgaria
Latvia
Australia
Japan
Russia
