IOS8 fingerprint recognition TouchID

Apple launched the new version of the iOS8 system at the Opening Ceremony of WWDC2014 on June 14, June 3, 2014. The iOS8 and iOS7 on the interface were not changed much, but they were improved in terms of functions. The iOS8 notification center is more powerful, supports direct message reply, and supports QuickType and third-party input methods. The text message function has been significantly improved. It supports group chat, voice and video sending, and geographic location sharing. From the perspective of end users, many new functions of ios8. IOS8 will open TouchID access to third-party software, which means that the sensor can be used to log on to banking applications.

Third-party applications can use the TouchID interface, which means that many future applications can use the fingerprint recognition function. You can use Touch ID to log on to a third-party application without a password. Your fingerprint data is protected and cannot be accessed by other programs without being permitted.

According to Apple's explanation, the probability of a single registered fingerprint to a random match with another person's fingerprint is one in 50 thousand.

Apple claims that the "Secure Enclave" module system can safely manage and identify users' fingerprints, and separately Store Users' fingerprint information in other systems, at the same time, it is managed through the encrypted memory and a hardware random digital password generator.

Each "Secure Enclave" is set separately and cannot access other parts of the system. It has its own independent UID (unique ID), and even Apple does not know the UID. When the device starts, Touch ID will temporarily create a secret key to work with the UID of "Secure Enclave" to encrypt the memory space of the device.

In a file released by Apple, Apple's fingerprint recognition authorization for the A7 processor is described as follows: A7 and Touch ID communicate through a serial peripheral interface bus. The A7 processor sends data to "Secure Enclave", but does not read the data content. Both encryption and authentication use the shared key between Touch ID and Secure Enclave. Communication Key Exchange uses a random AES key provided by both parties, creates a session key randomly, and uses AES-CCM transmission encryption.

It is understood that the fingerprint sensor in the iPhone 5s detects the protruding lines on the skin. It does not detect dead-skin fingerprints outside users' fingers, which are easily copied.The iPhone 5s fingerprint sensor uses RF signals to detect the "active" fingerprint of the skin at the bottom of the user's finger surface. If the finger is separated from the human body, the sensor cannot detect the fingerprint. Therefore, users do not have to worry about being used to unlock the device after the fingerprint is copied or stolen, because the sensor cannot identify the "dead" fingerprint.

I recently studied the iOS8 documentation, learned about fingerprint recognition, and downloaded an official Demo. However

NS_CLASS_AVAILABLE (10_10, 8_0)

From this sentence, we can see that to use the TouchID interface, the mac system of the computer must be 10.10, And the iOS system of the mobile phone must be 8.0, I have not upgraded the computer system for this Demo (after all, it is not stable ). However, according to the code and documentation in the Demo, we can see the basic usage of TouchID.

1. Use TouchID first. Import the dependency package first:LocalAuthentication. framework.

2. Check whether the device can use TouchID and return the BOOL type success:

LAContext *context = [[LAContext alloc] init];    __block  NSString *msg;    NSError *error;    BOOL success;        // test if we can evaluate the policy, this test will tell us if Touch ID is available and enrolled    success = [context canEvaluatePolicy: LAPolicyDeviceOwnerAuthenticationWithBiometrics error:&error];    if (success) {        msg =[NSString stringWithFormat:NSLocalizedString(@"TOUCH_ID_IS_AVAILABLE", nil)];    } else {        msg =[NSString stringWithFormat:NSLocalizedString(@"TOUCH_ID_IS_NOT_AVAILABLE", nil)];    }

3. If the device can use TouchID, success of BOOL type will be returned in the code block:

LAContext *context = [[LAContext alloc] init];    __block  NSString *msg;        // show the authentication UI with our reason string    [context evaluatePolicy:LAPolicyDeviceOwnerAuthenticationWithBiometrics localizedReason:NSLocalizedString(@"UNLOCK_ACCESS_TO_LOCKED_FATURE", nil) reply:     ^(BOOL success, NSError *authenticationError) {         if (success) {             msg =[NSString stringWithFormat:NSLocalizedString(@"EVALUATE_POLICY_SUCCESS", nil)];         } else {             msg = [NSString stringWithFormat:NSLocalizedString(@"EVALUATE_POLICY_WITH_ERROR", nil), authenticationError.localizedDescription];         }     }];

4. The following two methods are defined in LocalAuthentication. framework/Headers/LAContext. h:

/// Determines if a particular policy can be evaluated.////// @discussion Policies can have certain requirements which, when not satisfied, would always cause///             the policy evaluation to fail. Examples can be a passcode set or a fingerprint///             enrolled with Touch ID. This method allows easy checking for such conditions.//////             Applications should consume the returned value immediately and avoid relying on it///             for an extensive period of time. At least, it is guaranteed to stay valid until the///             application enters background.////// @warning    Do not call this method in the reply block of evaluatePolicy:reply: because it could///             lead to a deadlock.////// @param policy Policy for which the preflight check should be run.////// @param error Optional output parameter which is set to nil if the policy can be evaluated, or it///              contains error information if policy evaluation is not possible.////// @return YES if the policy can be evaluated, NO otherwise.- (BOOL)canEvaluatePolicy:(LAPolicy)policy error:(NSError * __autoreleasing *)error;/// Evaluates the specified policy.////// @discussion Policy evaluation may involve prompting user for various kinds of interaction///             or authentication. Actual behavior is dependent on evaluated policy, device type,///             and can be affected by installed configuration profiles.//////             Be sure to keep a strong reference to the context while the evaluation is in progress.///             Otherwise, an evaluation would be canceled when the context is being deallocated.//////             The method does not block. Instead, the caller must provide a reply block to be///             called asynchronously when evaluation finishes. The block is executed on a private///             queue internal to the framework in an unspecified threading context. Other than that,///             no guarantee is made about which queue, thread, or run-loop the block is executed on.//////             Implications of successful policy evaluation are policy specific. In general, this///             operation is not idempotent. Policy evaluation may fail for various reasons, including///             user cancel, system cancel and others, see LAError codes.////// @param policy Policy to be evaluated.////// @param reply Reply block that is executed when policy evaluation finishes.////// @param localizedReason Application reason for authentication. This string must be provided in correct///                        localization and should be short and clear. It will be eventually displayed in///                        the authentication dialog subtitle. A name of the calling application will be///                        already displayed in title, so it should not be duplicated here.////// @param success Reply parameter that is YES if the policy has been evaluated successfully or NO if///                the evaluation failed.////// @param error Reply parameter that is nil if the policy has been evaluated successfully, or it contains///              error information about the evaluation failure.////// @warning localizedReason parameter is mandatory and the call will throw NSInvalidArgumentException if///          nil or empty string is specified.////// @see LAError////// Typical error codes returned by this call are:/// @li          LAErrorUserFallback if user tapped the fallback button/// @li          LAErrorUserCancel if user has tapped the Cancel button/// @li          LAErrorSystemCancel if some system event interrupted the evaluation (e.g. Home button pressed).- (void)evaluatePolicy:(LAPolicy)policy localizedReason:(NSString *)localizedReason reply:(void(^)(BOOL success, NSError *error))reply;

Welcome to check the test results!

(Please indicate the source for reprinting. Thank you! Http://blog.csdn.net/yujianxiang666/article/details/35280025)