BiometricAuthService
Component Detail
Service Layer
medium complexity
mobile
0
Dependencies
0
Dependents
1
Entities
0
Integrations
Description
Orchestrates the biometric authentication flow by coordinating between the platform biometric API and the SecureTokenStore. Validates hardware and enrollment status before attempting authentication and retrieves the stored session token on success. Does not issue new credentials - it unlocks an already-established session.
biometric-auth-service
Sources & reasoning
Line 42 describes biometrics as the follow-up to BankID/Vipps first-time login, explicitly naming Face ID and fingerprint. Line 276 specifies tokens stored in the platform secure store, which is the mechanism biometric unlock uses. Both references place this in the Fase 2 / BankID-Vipps rollout context, mapping to v1.0.
-
docs/source/likeperson.md · line 42med biometrisk innlogging (Face ID / fingeravtrykk) etterpå
-
docs/source/likeperson.md · line 276Biometric session unlock (Face ID / fingerprint) after first login. Mobile stores tokens in the platform secure store
Responsibilities
- Check device biometric hardware availability and enrollment status
- Initiate platform authentication challenge and interpret the result
- Retrieve the session token from SecureTokenStore upon successful biometric verification
- Invalidate the stored token and trigger fallback when biometric lockout is detected
- Expose enrollment state to the UI layer for conditional rendering
Interfaces
isBiometricAvailable(): Promise<boolean>
isEnrolled(): Promise<boolean>
authenticate(reason: string): Promise<AuthResult>
disableBiometric(): Promise<void>