Biometric Authentication in iOS Apps

Biometric authentication is a security process that relies on the unique biological characteristics of individuals to verify their identity. This project demonstrates the implementation of biometric authentication using various biometric modalities such as fingerprint recognition, facial recognition, and iris recognition.

Explore More: To see the complete code and understand the flow in more detail, check out my GitHub repository. Feel free to clone the repo, try it out, and provide any feedback or suggestions.

Biometric Authentication in iOS Apps

Implementing Biometric Authentication:

First, let’s create a button in our main view that the user will tap to initiate the authentication process, and in that button action we’re going to handle our authentication results.

import LocalAuthentication
import UIKit

class ViewController: UIViewController {

    @IBOutlet weak var authenticationButton: UIButton!

    override func viewDidLoad() {
        super.viewDidLoad()
        authenticationButton.addTarget(self, action: #selector(authenticate), for: .touchUpInside)
    }

    @objc
    private func authenticate() {
        let context = LAContext()
        var error: NSError? = nil

        if context.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &error) {
            let reason = "Please authorize with Face ID"
            context.evaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, localizedReason: reason) { [weak self] success, error in
                DispatchQueue.main.async {
                    guard success, error == nil else {
                        return
                    }

                    let vc = SuccessViewcontroller()
                    DispatchQueue.main.asyncAfter(deadline: .now()+1){
                        self?.navigationController?.setViewControllers([vc], animated: true)
                    }
                }
            }
        } else {
            self.generateAlert(title: "Unavailable", message: "You can't use this feature", actionTitle: "Dismiss")
        }
    }
}

Handling Authentication-Results:

When the user attempts to authenticate, the app will either proceed to the next screen or display an error message. We handle this in the completion handler of the evaluatePolicy method.

Explanation of Handling Authentication in detail:

1. LocalAuthentication: This framework provides methods for biometric authentication using Face ID or Touch ID.
2. LAContext: This is the primary interface for evaluating authentication policies.
3. NSError: This is used to capture any errors that occur during the authentication process.
4. canEvaluatePolicy(_:error:): This method checks if the device supports biometric authentication and if it is available for use. It returns a Boolean value.
5. .deviceOwnerAuthenticationWithBiometrics: This policy requires the user to authenticate using biometrics (Face ID or Touch ID).
6. reason: This string is presented to the user in the authentication prompt, explaining why the app is requesting biometric authentication.
7. evaluatePolicy(_:localizedReason:reply:): This method attempts to authenticate the user with biometrics.

Displaying Alerts:

It’s crucial to provide feedback to the user if authentication fails or if the device doesn’t support biometric authentication.

extension ViewController {
    func generateAlert(title: String, message: String, actionTitle: String) {
        let alertVC = UIAlertController(title: title, message: message, preferredStyle: .alert)
        let alertAction = UIAlertAction(title: actionTitle, style: .cancel, handler: nil)
        alertVC.addAction(alertAction)
        present(alertVC, animated: true)
    }
}

Configuring Info.plist:

To use Face ID or Touch ID in your app, you need to add a usage description to your Info.plist file. This description explains to the user why your app needs access to biometric authentication.

1. Open your Info.plist file.
2. Add a new key NSFaceIDUsageDescription (or Privacy - Face ID Usage Description in the key editor) with a message explaining why your app needs to use Face ID. For example: "This app uses Face ID for secure authentication."
3. If you are supporting Touch ID, add NSFaceIDUsageDescription as well.

Your Info.plist file should look something like this:

<key>NSFaceIDUsageDescription</key>
<string>This app uses Face ID for secure authentication.</string>

Testing Biometric Authentication:

To test biometric authentication on the iOS Simulator:

1. Enable Face ID: Go to Simulator > Features > Face ID > Enrolled
2. Test with a Matching Face: Go to Simulator > Features > Face ID > Matching Face
3. Test with a Non-matching Face: Go to Simulator > Features > Face ID > Non-matching Face