Dev: Require Passcode or Biometrics | Voters

Dev: Require Passcode or Biometrics

complete

Cron Ninja

The ability to add a parameter to a request for approval that requires the users to enter a passcode, scan finger or face.

If the user doesn't have the feature set they won't be able to sign-in or approve a payment.

April 30, 2020

This post was marked as

complete

Wietse Wind

marked this post as

planned

Wietse Wind

You mean on a per payload basis? Where does the passcode come from, and what if the recipient (signer) doesn't have biometrics on their device?

Cron Ninja

Wietse Wind: Guess we don’t need a passcode when there is a passphrase . I was overthinking that aspect.

The biometrics part would be for enterprise applications, so everyone with in an organization would have a compatible devices. I guess an easier solution would be adding “authenticated_with“ to the payloadResponse

Wietse Wind

Cron Ninja: So the authenticated_with would be an enum containing either "BIOMETRICS", "PIN" or "PASSPHRASE" correct?

And do you have an actual application you would like to build on the XUMM API if this is available?

Cron Ninja

Wietse Wind: That is correct and yes I am currently building an application on the XUMM API.  
The current scope of the project doesn’t require this feature, but to be able to take app in the direction I want it would be required for compliance reasons.
For in-house use the current solution is perfect, but to integrate this feature set with a specific agency we would be required to have our users authenticate in a specific manner. This feature isn’t need for awhile I am just thinking down the road!
Lastly, thank you and your colleagues for all your great work!

Wietse Wind

Cron Ninja: Thank you, clear :) We'll add this.