This is so secure that even if someone gets access to your Android device passcode and legally adds his fingerprints in the phone, Android immediately invalidates all the encryption/decryption keys and makes them unusable. And that key (in a usable format) can only be retrieved when you authenticate Enpass with your Biometric. This solution is highly secure because your master password is accessible only after it gets decrypted using the same key stored in the Android Keystore. As soon as you enable Biometric from Enpass settings on your device, we create a Biometric authenticated, Enpass specific random encryption/decryption key in Android Keystore (accessible to Enpass only) and encrypt your master password using this key and store in private area in the device storage. When you disable Quick Unlock from Enpass settings, Enpass erases the master password from the iOS keychain.Īndroid 6.0 and later, provides a new Fingerprint/Biometric API along with enhancement in Android Keystore which is reliable enough to protect our master password. On next successful attempt, it is saved again in the iOS keychain. When you disable device passcode, quick unlock also gets disabled, removing saved master password.Īlso, if five consecutive attempts to quick unlock are unsuccessful, Enpass erases the master password from the iOS keychain and prompts to enter master password to unlock Enpass. Setting up a device passcode ensures that all the data (including the saved master password) in iOS keychain is protected by iOS itself. We have restricted the quick unlocking of Enpass only on the devices having a device passcode. This is so secure that even if someone gets access to your device passcode and legally adds his fingerprints in the phone, iOS immediately invalidates all the cryptographic keys and makes them unusable. Secure Enclave lock the saved master password in such a way that it can be only accessible after a successful biometric authentication. Unlocking through Biometrics uses an addition protection of Secure Enclave. In any case, your master password does not leave the device neither during the backup of iTunes nor of iCloud Keychain. When you enable Biometric or PIN on your device, Enpass stores an obfuscated version of your master password in iOS Keychain that can only be accessed by Enpass. IOS Keychain provides a way to store app-specific sensitive data that can only be accessed by that app.
0 Comments
Leave a Reply. |