Identify in an app when the set of fingerprints for TouchID has changed

Number:rdar://20170090 Date Originated:16-03-2015
Status: Resolved:
Product: Product Version:
Classification: Reproducible:
In order to make sure, just like Apple's own apps, that someone hasn't maliciously added an un-approved fingerprint to an iPhone, I need a hook that I can query when the app starts, so that if the set of fingerprints has changed, the user will be forced to re-authenticate against my backend.

Steps to Reproduce:
1. Open my app (not made yet)
2. Create an account and authenticate
3. Close the app
4. Add a new fingerprint to the iPhone
5. Start my app again

Expected Results:
I would now like to ask the user to re-authenticate

Actual Results:
I dont have any hooks, so basicly anyone can access my apps data, if they have an fingerprint added to the iPhone



iPhone and iPad



Already possible

Take a look at:

The data returned by that method changes every time there is some change to the TouchID or FaceID underlying structure. It is not clear, by design, when it changes but we have tested it and we know that at least it changes when fingers are added / removed.

By elorz.mikel at Sept. 30, 2019, 8:24 a.m. (reply...)

Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!