Any way to verify that Screen lock options PIN or Password is enabled ?

[nicolasrosado]

Hello,

Plugin cordova secure storage permit to verify that Screen lock options PIN or Password is enabled and throw "Mobile is not secure" error if it's not. In capacitor plugin I don't see any init method. Is there a way to verify that the mobile is secure thanks to this plugin ?

link :
https://support.google.com/android/answer/9079129?hl=en
https://www.npmjs.com/package/cordova-plugin-secure-storage-echo

var ss = new cordova.plugins.SecureStorage(
  function() {
    console.log("Success");
  },
  function(error) {
    console.log("Error " + error);
  },
  "my_app"
);

sample of implementation :

public init(): Promise<any> {
       return new Promise((resolve, reject) => {
           this.secureStorage = new cordova.plugins.SecureStorage(
               () => {
                   console.log('--> Secure Storage init success');
                   resolve();
               },
               (error) => {
                   console.log('error on init secureStorage ', error);
                   navigator.notification.alert(
                       'Please enable the screen lock on your device. This app cannot operate securely without it.',
                       () => {
                           console.log('dans l alert');
                       },
                       'Screen lock is disabled'
                   );
                   reject(error);
               },
               'MY_APP');
       });
   }

Thanks in advance for your return,

[olivierschmid]

Hi
This would be a nice addon. I am planning to migrate the cordova-plugin-secure-storage-echo to your capacitor plugin. Because of our internal security policy i need to check if the device is at least secured with pin-code.

At least for iOS it is implemented in the fork capacitor-secure-storage-plugin by introducing "accessibility" attributes that are passed to keychain-wrapper.

Thanks!