Overview​

The method for exchanging tokens in the biometrics login flow has been updated to make implementation simpler.

All frameworks​

On biometric login, a token is returned to the SDK; this token is used for two purposes:

1. For your backend to swap for an access token, which can then be used by your backend for all multi API endpoints
2. To be set automatically in the SDK, so that UI components (for example card components) can de-tokenise values retrieved by your backend and display the information in plain text to the user. It is no longer required to call "Set user token" (setUserToken) for UI components.

See biometrics overview for a swimlane of a sample implementation, and the iOS documentation for specific instructions.

Overview​

Fixes and clarifications for checking a device's status in relation to biometrics authentication.

Added​

UXComponents.psa.isEnrolled method returns a boolean with whether the user is currently enrolled or not.

Deprecated​

UXComponents.psa.checkDeviceIsEnrolled is now deprecated. In the past it returned false, it now returns the same value as isEnrolled.

Fixes​

Fixed a scenario where the device of the user would be unable to enrol if a partial representation of the enrolment data is present in the device.

Notes​

For clarity, the behaviour of the different methods to check the state of the SDK are:

• UXComponents.psa.checkReadyForAuth returns true if the device is ready to perform a biometrics check for the biometric login flow.
• UXComponents.psa.checkIsReadyForEnrollment returns true if the device's FCM token has been successfully uploaded to Weavr's API.
• UXComponents.psa.isEnrolled returns true if the device is enrolled. Note that the enrolment check is local. Therefore if the user enrols on another device, the enrolment of this device can no longer be used.

Overview​

The Biometric Authentication component now supports the authentication of the end user via password rather than passcode. The password is used in two scenarios related to biometrics:

1. As a pre-requisite to biometrics enrolment, to authenticate the user for the first time
2. As a fall-back method of authenticating the user if biometrics fails (e.g. fingerprint not recognised)

1. Pre-requisites​

Configure Weavr Authentication to "Password" in the embedder portal. If necessary, this can be applied for you in sandbox by Weavr support.

Integrate to the Password Component to authenticate the user for the first time; see password component documentation.

2. Fall-back authentication method​

If during biometric login, biometrics fails (e.g. fingerprint not recognised), the SDK will automatically provide a screen for the user to authenticate via the alternative method of their password.

Overview​

The v3 release introduces a unified biometric enrolment and authentication process across platforms.

Note: Users who were previously enrolled using earlier SDK versions will be required to re-enrol due to changes in the token architecture introduced in v3.

• A refresh of the Firebase JSON is required in sandbox (and production if applicable). The new firebase token will work with the v3 SDK. If you had previously provided a firebase token (to work with v1 or v2 SDK), this will no longer be displayed in the embedder portal, but it will still be applicable for that SDK.
  • Generate a new token (with the same configuration) from your Firebase Console
  • In the embedder portal, re-enable Biometric Authentication, and then Provide your Firebase Json file. Even if you had previously configured a firebase Json, a new one must be provided.
  • Re-enable Biometrics for user actions
  • Previously enrolled users will have to enrol again
• Changes to un-enrolment behaviour. Previously, a new user was allowed to enrol on a device that was already being used; and the old user would be unenrolled automatically. Now, the app must be uninstalled, or the user unlinked via multi-API, before a new user can enrol on the device. See un-enrolment section of the docs.

iOS​

Minimum supported iOS version: 15.1​

Legacy compatibility support for iOS versions below 15.1 has been dropped.

Key changes​

• The biometrics user enrolment flow now requires an OTP. This is delivered via SMS, and input by the user into an integrated screen in the component.
• The ability to exchange tokens via the SDK has been removed. For the biometrics login flow, the auth token is shared via webhook only and must be exchanged for an access token via your backend to the Weavr multi API.
• New method UXComponents.setAppCheckToken
  • add AppCheck SDK. Use the same project setup as described in the All section
  • generate a token
  • UXComponents.setAppCheckToken(GENERATED_TOKEN)

iOS v1.6.6​

iOS 1.6.6 adds Swift Package Manager support without introducing any changes to the SDK itself since 1.6.5.

You can follow the Swift Package Manager installation guide for more information.

If you want to transition from Cocoapods to Swift Package Manager, we recommend to:

1. Remove the pod 'WeavrComponents' line from your Podfile, alongside the IdensicMobileSDK dependency.
2. If no more pod statements are present in your Podfile, you can get rid of the Cocoapods setup altogether.
3. Follow the Swift Package Manager installation guide.

iOS v1.6.3​

Added WeavrChallengeType to determine the type of challenge that the push notification received, is related to. See Initiate a challenge, Receive a push notification for more details.

iOS v1.6.0​

• Support for 3DS
• Performance improvements for Biometrics & Login
• Bug fixed related to Apple Push Notification Service

Update to latest SDK version​