EddyVerbruggen / cordova-plugin-touch-id

:nail_care: 👱‍♂️ Forget passwords, use a fingerprint scanner!
MIT License

Use evaluatedPolicyDomainState to detect when a finger is enrolled or removed #8

Closed ikosta closed 8 years ago

ikosta commented 8 years ago

It's a new iOS 9 property for the LocalAuthentication.framework.

Actually, when adding a new fingerprint this plugin will just work with the new fingerprint, but what if the device code is hijacked and a new fingerprint is added by the hijacker? He can then just unlock any app that uses this plugin with that new fingerprint.

See this for more details: https://godpraksis.no/2016/03/fingerprint-trojan/

And this for an example implementation: https://github.com/dannycabrera/DotNetMiami/blob/master/ViewController.cs

EddyVerbruggen commented 8 years ago

Hi @ikosta, thanks for this very useful issue and those links you provided!

So as I understand it you can programmatically check whether or not the list of enrolled fingerprints changed since the last time you authenticated and then the developer can decide if he wants to have the user re-authenticate himself (which seems like a smart thing to do at that point).

I don't want to sit on the developer's chair and just check this every time the user scans his fingerprint, as I'd have to invoke the error handler and most devs probably assume the user made a mistake.

I'd rather make this more explicit and add a new method to the API where the developer can choose to (and is encouraged to) check whether or not the list of enrolled fingerprints changed since the last time this function was called, and if so the dev should have the user re-authenticate himself before he can use his fingerprint(s) again.

That's likely the best balance between security, devs not breaking app experiences, and me not getting overwhelmed with false bug reports.

So recommended usage of this plugin will then change from this:

```js
window.plugins.touchid.isAvailable(
  function(available) {
    if (available) {
      // call the fingerprint scanner
    }
  }
);
```

To this:

```js
window.plugins.touchid.isAvailable(
  function(available) {
    if (available) {
      window.plugins.touchid.didFingerprintDatabaseChange(
        function(changed) {
          if (changed) {
            // re-auth the user by asking for his credentials before allowing a fingerprint scan again
          } else {
            // call the fingerprint scanner
          }
        }
      );
    }
  }
);
```

Does that make sense? :)
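
Added example, not part of the original thread or the plugin's own code: an app-side gate around the flow proposed in the comment above. Because the proposed check reports changes "since the last time this function was called", the gate persists its own lock so that abandoning the password prompt and relaunching does not re-enable the scanner. `fingerprintLogin`, `LOCK_KEY`, the two fakes and the `verifyFingerprint(message, success, error)` call shape are assumptions made for this sketch.

```javascript
const LOCK_KEY = 'touchid.passwordRequired'; // hypothetical storage key
// touchid: the plugin object; storage: getItem/setItem/removeItem (e.g. localStorage);
// askPassword(cb): app-supplied credential prompt that calls cb(true|false).
function fingerprintLogin(touchid, storage, askPassword, done) {
  const viaPassword = function () {
    askPassword(function (ok) {
      // Clear the lock only after real credentials were accepted.
      if (ok) storage.removeItem(LOCK_KEY);
      done(ok ? 'password' : 'denied');
    });
  };
  touchid.isAvailable(function (available) {
    if (!available) return viaPassword();
    touchid.didFingerprintDatabaseChange(function (changed) {
      // Persist first: the next call may report "no change" again.
      if (changed) storage.setItem(LOCK_KEY, '1');
      if (storage.getItem(LOCK_KEY) === '1') return viaPassword();
      touchid.verifyFingerprint('Scan your fingerprint',
        function () { done('fingerprint'); },
        function () { done('denied'); });
    });
  });
}

// Constructed stand-ins so the flow runs outside a device.
function fakeTouchId(changeReports) {
  return {
    isAvailable: function (cb) { cb(true); },
    didFingerprintDatabaseChange: function (cb) { cb(changeReports.shift() === true); },
    verifyFingerprint: function (msg, ok) { ok(); } // any enrolled finger passes
  };
}
function fakeStorage() {
  const m = new Map();
  return {
    getItem: function (k) { return m.has(k) ? m.get(k) : null; },
    setItem: function (k, v) { m.set(k, String(v)); },
    removeItem: function (k) { m.delete(k); }
  };
}

// Three launches: change detected but prompt abandoned, relaunch, then normal use.
function demo() {
  const touchid = fakeTouchId([true, false, false]), storage = fakeStorage();
  const answers = [false, true], results = [];
  const ask = function (cb) { cb(answers.shift()); };
  for (let i = 0; i < 3; i++) fingerprintLogin(touchid, storage, ask, function (r) { results.push(r); });
  return results; // ['denied', 'password', 'fingerprint']
}
```

On the second launch the fake plugin reports no change, yet the persisted lock still forces the password path; the fingerprint is accepted again only on the third launch.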

ikosta commented 8 years ago

Hi Eddy,

that would be perfect and will be the best solution.

Thanks for all your plugins and the maintenance!

EddyVerbruggen commented 8 years ago

Hey @ikosta, thanks for the help on this. Check the readme for details on the new feature and please give it a spin. Use the master branch as it's not released to npm yet.

ikosta commented 8 years ago

I'll implement it and give you feedback. Thanks!

EddyVerbruggen commented 8 years ago

Closing for now, please reopen if anything pops up.