Facial recognition on Android with expo-secure-storage

We are trying to use the expo-secure-storage to story encripted data and protect with biometry.

I’m able to use the requireAuthentication=true and works fine on iOS with TouchID and FaceID, but in Android it only uses Fingerprint, and never show the Facial Recognition option. (Yes Facial Recognition is available in my device Samsung A71)

I know that we can use expo-local-authentitation to use the biometry authentication first, and then use secure-storage separately to store the data, but according with our pentest consultancy, this could represent a security lack on a malicious device.

It’s possible to use Facial Recognition on Android with expo-secure-storage?

expo-env-info 1.0.5 environment info:
OS: macOS 13.2.1
Shell: 5.8.1 - /bin/zsh
Node: 18.14.1 - ~/.nvm/versions/node/v18.14.1/bin/node
Yarn: 3.5.0 - ~/.nvm/versions/node/v18.14.1/bin/yarn
npm: 9.3.1 - ~/.nvm/versions/node/v18.14.1/bin/npm
Watchman: 2023.04.24.00 - /opt/homebrew/bin/watchman
CocoaPods: 1.12.0 - /Users/douglas.junior/.rbenv/shims/pod
Platforms: DriverKit 22.2, iOS 16.2, macOS 13.1, tvOS 16.1, watchOS 9.1
Android SDK:
API Levels: 29, 30, 31, 33, 33
Build Tools: 30.0.2, 30.0.3, 31.0.0, 33.0.0, 34.0.0
Android Studio: 2022.1 AI-221.6008.13.2211.9477386
Xcode: 14.2/14C18 - /usr/bin/xcodebuild
expo: 48.0.12 => 48.0.12
react: 18.2.0 => 18.2.0
react-dom: 18.2.0 => 18.2.0
react-native: 0.71.8 => 0.71.8
eas-cli: 3.9.0
Expo Workflow: bare

I think that I found the reason:

Basically, in some devices the Facial recognition is considered a “biometric weak”, so only Fingerprint will be prompted when using with Cipher like expo-secure-storage do.


This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.