So I’ve went through a few biometric apps so I can offer my users a biometric login. My problem is security. Storing a key/value based system that can just be accessed by calling the key/value system again isn’t secure.
I installed the GitHub - epicshaggy/capacitor-native-biometric biometric, but the username and password can legit be accessed without using the biometric.
I’ve read that on Android (and maybe iOS?) there’s a way to get the system to give you back a public/private key pair on biometric authentication? Now a key pair direct from the OS is MUCH more secure. I could then add this to my token system and it would be easier and extremely secure.
My question is, do I know what I’m talking about? Or am I missing something? Lol
Is this possible just not implemented in Cordova or capacitor or any others?
Any help is greatly appreciated!