Links

PIN authentication

Use a PIN to perform specific operations when biometric authentication is not necessary
In some use-cases you may want to use an alternative authentication mechanism bypassing the biometric recognition (facial recognition). For those particular use-cases you can use the PIN as authentication mechanism.
PIN and biometrics authentication mechanisms are not equivalent in terms of feature they unlock. At the moment PIN authentication mechanism only supports Operation info
Keyless requires at least one authentication mechanism to be present so you cannot enroll a user without any authentication mechanism and it is not possible to remove the authentication mechanism if it is the only one available for a specific user.
The possible authentication mechanism are:
  1. 1.
    biometrics (user face embeddings)
  2. 2.
    pin (secure code)
For retro-compatibility: if no authentication mechanism is specified biometric will be used by default.
To use the PIN you only need to add the PIN parameter to the builder configuration as shown in what follows.

Enrollment with PIN

Android
iOS
val configuration = EnrollmentConfiguration.builder
.withPin("myPin")
.build()
let configuration = Keyless.EnrollmentConfiguration.builder
.withPin("myPin")
.build()
You cannot enroll with the PIN and the biometrics in the same enroll (for example also using Custom token in the same EnrollmentConfiguration) to enroll several authentication mechanism you need to call the Keyless.enroll twice, each time with the authentication mechanism you want to enable.

Authentication with PIN

As for enrollment, to use the PIN for authentication specify the dedicated builder parameter:
Android
iOS
val configuration = AuthenticationConfiguration.builder
.withPin("myPin")
.build()
let configuration = Keyless.AuthenticationConfiguration.builder
.withPin("myPin")
.build()
Recall At the moment PIN authentication mechanism only supports Operation info

De-enrollment with PIN

To de-enroll you user using the PIN authentication mechanism specify the dedicated builder parameter:
Android
iOS
val configuration =
DeEnrollmentConfiguration.builder
.withPin("myPin")
.build()
let configuration =
Keyless.DeEnrollmentConfiguration.builder
.withPin("myPin")
.build()
Note: de-enrolling with PIN means de-enrolling the user, as a consquence the user biometrics will be deleted as well. If you do not want to de-enroll the user but still remove the PIN authentication mechanism please employ the PIN utilities.

PIN utilities

To change the PIN use the Keyless.changePin API:
Android
iOS
fun changePin(
oldPin: String,
newPin: String,
onCompletion: (KeylessResult<KeylessSdkSuccess, KeylessSdkError>) -> Unit
)
public static func changePin(
oldPin: String,
newPin: String,
completionHandler: @escaping (KeylessSDKError?) -> Void
)
To remove the PIN and keep the user enrolled use the Keyless.removePin API:
Android
iOS
fun removePin(
pin: String,
onCompletion: (KeylessResult<KeylessSdkSuccess, KeylessSdkError>) -> Unit
)
public static func removePin(
pin: String,
completionHandler: @escaping (KeylessSDKError?) -> Void
)