Detect if a change has been made to biometrics using FaceID or TouchID

Privacy & Security General
willy.moral
willy.moral OP
Created 1w
Replies 2
Boosts 0
Views 319
Participants 3

Hi team, is there a native way to detect if a change has been made to biometrics using FaceID or TouchID? Thanks in advance.

Answered by DTS Engineer in 846924022

You can do this using the LADomainState type, or the evaluatedPolicyDomainState property on older systems.

Why would a third party have to know and the right to know?

Because some folks want to implement a security policy that only works with the current biometric setup. Indeed, the keychain implements this exact policy, via the .biometryCurrentSet property.

Note that these APIs don’t return detailed information about the biometric setup. Rather, they return an opaque hash that you can check between calls.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Replies  2
Boosts  0
Views  319
Participants  3
Claude31
Claude31 OP
1w

Why would a third party have to know and the right to know ? IMHO that would be a privacy (and possibly security) breach, isn't it ?

1
Apple Staff, DTS Engineer
DTS Engineer OP
Apple
1w
Recommended

You can do this using the LADomainState type, or the evaluatedPolicyDomainState property on older systems.

Why would a third party have to know and the right to know?

Because some folks want to implement a security policy that only works with the current biometric setup. Indeed, the keychain implements this exact policy, via the .biometryCurrentSet property.

Note that these APIs don’t return detailed information about the biometric setup. Rather, they return an opaque hash that you can check between calls.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

1
Detect if a change has been made to biometrics using FaceID or TouchID
First post date Last post date
 
 
Q