Biometric Authentication (Face ID / Fingerprint) - Likepersonsapp – Peer Mentor Activity Platform | Generated by Eircodex v3.0

Scope

medium complexity extracted Authentication & Access Control Confidence: 100%

4

Components

58

Shared

0

User Stories

Yes

Analyzed

Description

This feature enables Face ID and fingerprint authentication for returning users after their initial BankID, Vipps, or email/password login. The biometric prompt replaces the need to re-enter credentials on every app launch, significantly reducing friction for daily users such as peer mentors who log activities multiple times per day. Credentials are stored in the device's secure enclave and never leave the device; biometric authentication simply unlocks the stored session token to resume the authenticated session.

User Flow

Biometric Authentication (Face ID / Fingerprint) user flow

Click to expand

Analysis

Business Value

Peer mentors register activities frequently throughout their workday, making fast and frictionless re-authentication essential to adoption. Requiring full BankID authentication every session would create unacceptable friction and drive users back to paper-based or Word-based workflows. Biometric authentication preserves security (credentials never leave the device's secure enclave) while dramatically lowering the interaction cost of each app session. This is especially important for the target demographic, which includes users with motor and cognitive impairments who benefit from reduced input requirements and touch-based authentication.

Implementation Notes

Implemented using the local_auth Flutter plugin, which wraps iOS LocalAuthentication (Face ID / Touch ID) and Android BiometricPrompt APIs. The Secure Credential Store uses Flutter Secure Storage to persist the refresh token, encrypted at rest using AES-256. On successful biometric verification, the stored refresh token is read and exchanged for a new access token via POST /api/v1/auth/refresh. The Biometric Auth Service handles capability detection (checks if biometrics are enrolled and available), fallback to PIN/password if biometrics fail, and graceful degradation on devices without biometric hardware. Users can disable biometric login from Settings.

Components (62)

User Interface (1)

ui Biometric Auth Screen medium

Service Layer (1)

service Biometric Auth Service medium

Data Layer (1)

data Secure Credential Store low

Infrastructure (1)

infrastructure Biometric Infrastructure low

Shared Components

These components are reused across multiple features

User Interface (16)

ui Accessible Picker Widget medium Shared ui Speech Input Widget medium Shared ui Contact Card Widget low Shared ui Contact Search Bar Widget low Shared ui View Switcher Widget low Shared ui Activity Summary Widget low Shared ui Approval Status Badge Widget low Shared ui Bottom Navigation Bar Widget low Shared ui Duplicate Warning Badge Widget low Shared ui Receipt Viewer Widget medium Shared ui Benefit Breakdown Chart Widget medium Shared ui AppButton Widget medium Shared ui AppTextField Widget medium Shared ui Modal Navigation Helpers medium Shared ui Page Header Widget low Shared ui Sync Status Indicator Widget low Shared

Service Layer (13)

service Auth Service medium Shared service Role Guard Service medium Shared service Activity Service medium Shared service Role Guard Service low Shared service Contact Service medium Shared service Email Invitation Service medium Shared service Oversight Audit Log Service medium Shared service Reimbursement Approval Audit Logger low Shared service Context Management Service medium Shared service Statistics Service medium Shared service REST API Client high Shared service Accessibility Service high Shared service Encryption Service high Shared

Data Layer (9)

data Token Storage low Shared data Auth Token Repository medium Shared data Activity Repository medium Shared data Contact Repository Cache low Shared data Contact Repository medium Shared data Reimbursement Admin Repository medium Shared data Organization Repository high Shared data Local Cache Repository medium Shared data Audit Log Repository medium Shared

Infrastructure (20)

infrastructure JWT Infrastructure medium Shared infrastructure JWT Infrastructure low Shared infrastructure Auth Middleware medium Shared infrastructure Report API Middleware low Shared infrastructure Report Access Guard low Shared infrastructure Approval Audit Logger low Shared infrastructure End-to-End Encryption Infrastructure high Shared infrastructure Email Delivery Infrastructure low Shared infrastructure Invitation Token Infrastructure medium Shared infrastructure Signed URL Provider low Shared infrastructure Multi-Tenancy Infrastructure high Shared infrastructure Calculator Export Infrastructure medium Shared infrastructure Request & Response Interceptors high Shared infrastructure Design Token System medium Shared infrastructure Semantic Labels Infrastructure medium Shared infrastructure Connectivity Infrastructure low Shared infrastructure Local Database Infrastructure high Shared infrastructure Secure Storage Infrastructure medium Shared infrastructure Connection Pool Infrastructure medium Shared infrastructure Database Migration Infrastructure medium Shared

User Stories

No user stories have been generated for this feature yet.