Biometric Service
Component Detail
Service Layer
medium complexity
mobile
0
Dependencies
0
Dependents
1
Entities
0
Integrations
Description
Coordinates the biometric authentication flow by invoking the OS biometric APIs and unlocking the locally stored refresh token on success. Manages enrollment state and decides when to fall back to primary authentication.
biometric-service
Sources & reasoning
Biometric session unlock is listed under Mobile App Architecture as a core auth capability, not deferred. It is implicit in the MVP scope alongside email/password (which is named MVP), and §1.1's lowest-cognitive-load principle treats it as table stakes. Target_release 'MVP' matches §5 Fase 1 phase name.
-
docs/source/likeperson.md · line 26BankID eller Vipps som foretrukket autentisering ved førstegangs innlogging, med biometrisk innlogging (Face ID / fingeravtrykk) etterpå
-
docs/source/likeperson.md · line 211Biometric session authentication (Face ID / fingerprint)
-
docs/source/likeperson.md · line 205Biometric session unlock (Face ID / fingerprint) after first login.
Responsibilities
- Invoke platform biometric APIs (LocalAuthentication, BiometricPrompt)
- Unlock refresh token from Secure Token Store on successful biometric match
- Track enrollment status and biometric availability per device
- Trigger fallback to email-password-login flow on failure or lockout
- Refresh session tokens against the backend using the unlocked refresh token
Interfaces
authenticateWithBiometrics(): Session
enrollBiometrics(userId): EnrollmentResult
isBiometricAvailable(): BiometricCapability
disableBiometrics(userId): void