MASTG-TEST-0267: Runtime Use Of Event-Bound Biometric Authentication

Overview

This test is the dynamic counterpart to References to APIs for Event-Bound Biometric Authentication: instead of searching the binary for references to the authentication APIs, it observes those APIs being called while the app runs, together with the arguments actually passed to them.

Steps

  1. Use runtime method hooking (see Method Hooking) and look for calls to LAContext.evaluatePolicy(...) and SecAccessControlCreateWithFlags, recording the policy, all flags passed, and the call site (backtrace) of each call.
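The following Frida script is an added example of the hooking step above; it is not the script from the MASTG demo. It hooks the Objective-C method behind LAContext.evaluatePolicy (Swift calls land on the same selector, since LAContext is an Objective-C class) and the C function SecAccessControlCreateWithFlags, then decodes the LAPolicy value and the SecAccessControlCreateFlags bits into their constant names and reports whether the flags require user presence, which is what the evaluation below needs. The flag and policy constants are taken from Security/SecAccessControl.h and LocalAuthentication/LAPublicDefines.h; the file name biometric-hooks.js and the bundle identifier are placeholders. The decoding helpers are plain JavaScript, so they also run outside Frida.

```javascript
// Added example (not MASTG demo code): Frida script for MASTG-TEST-0267.
// Usage (assumed Frida setup, bundle id is a placeholder):
//   frida -U -f com.example.app -l biometric-hooks.js

// SecAccessControlCreateFlags (Security/SecAccessControl.h), ascending bit order.
// The TouchID* and Companion aliases share bits with the names below.
const ACCESS_CONTROL_FLAGS = [
  [0x00000001, 'kSecAccessControlUserPresence'],
  [0x00000002, 'kSecAccessControlBiometryAny'],
  [0x00000008, 'kSecAccessControlBiometryCurrentSet'],
  [0x00000010, 'kSecAccessControlDevicePasscode'],
  [0x00000020, 'kSecAccessControlWatch'],
  [0x00004000, 'kSecAccessControlOr'],
  [0x00008000, 'kSecAccessControlAnd'],
  [0x40000000, 'kSecAccessControlPrivateKeyUsage'],
  [0x80000000, 'kSecAccessControlApplicationPassword'],
];

// Bits that make the Keychain item usable only after the user authenticates.
// ApplicationPassword and PrivateKeyUsage on their own do not require presence.
const USER_PRESENCE_MASK = 0x01 | 0x02 | 0x08 | 0x10 | 0x20;

// LAPolicy values (LocalAuthentication/LAPublicDefines.h).
const LA_POLICIES = {
  1: 'LAPolicyDeviceOwnerAuthenticationWithBiometrics',
  2: 'LAPolicyDeviceOwnerAuthentication',
  3: 'LAPolicyDeviceOwnerAuthenticationWithWatch',
  4: 'LAPolicyDeviceOwnerAuthenticationWithBiometricsOrWatch',
};

// Map a raw flags word to constant names; unknown bits are kept, not dropped.
function decodeAccessControlFlags(flags) {
  const names = [];
  let known = 0;
  for (const [bit, name] of ACCESS_CONTROL_FLAGS) {
    known = (known | bit) >>> 0;
    if ((flags & bit) !== 0) names.push(name);
  }
  const unknown = (flags & ~known) >>> 0;
  if (unknown !== 0) names.push('unknown:0x' + unknown.toString(16));
  return names;
}

// True when the access control gates the item on biometry, passcode or watch.
function requiresUserPresence(flags) {
  return (flags & USER_PRESENCE_MASK) !== 0;
}

function describePolicy(policy) {
  return LA_POLICIES[policy] || ('LAPolicy(' + policy + ')');
}

// Symbolized backtrace so each call can be tied to a location in the app.
function backtrace(context) {
  return Thread.backtrace(context, Backtracer.ACCURATE)
    .map(DebugSymbol.fromAddress).join('\n    ');
}

function installHooks() {
  // -[LAContext evaluatePolicy:localizedReason:reply:]
  // args: 0=self 1=_cmd 2=LAPolicy 3=NSString reason 4=reply block
  const evaluatePolicy = ObjC.classes.LAContext['- evaluatePolicy:localizedReason:reply:'];
  Interceptor.attach(evaluatePolicy.implementation, {
    onEnter(args) {
      const policy = describePolicy(args[2].toInt32());
      const reason = new ObjC.Object(args[3]).toString();
      console.log(`[LAContext evaluatePolicy] policy=${policy} reason="${reason}"\n    ${backtrace(this.context)}`);
    },
  });

  // SecAccessControlCreateWithFlags(allocator, protection, flags, error)
  // args: 1=CFString protection class (toll-free bridged to NSString) 2=flags
  const createWithFlags = Process.getModuleByName('Security')
    .getExportByName('SecAccessControlCreateWithFlags');
  Interceptor.attach(createWithFlags, {
    onEnter(args) {
      const protection = new ObjC.Object(args[1]).toString();
      const flags = parseInt(args[2].toString(), 16);
      console.log(`[SecAccessControlCreateWithFlags] protection=${protection} ` +
        `flags=${decodeAccessControlFlags(flags).join('|')} ` +
        `userPresence=${requiresUserPresence(flags)}\n    ${backtrace(this.context)}`);
    },
  });
}

// Only install hooks inside Frida; the helpers above are usable stand-alone.
if (typeof ObjC !== 'undefined' && ObjC.available) {
  installHooks();
}
```

The script logs one line per call plus a backtrace, so the observation list required below can be built directly from its output. It assumes the classic `ObjC` global; newer Frida releases ship the Objective-C bridge as a separate package, and if LocalAuthentication is loaded lazily the LAContext hook must be installed after the framework is in the process.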

Observation

The output should be a list of the call sites where LAContext.evaluatePolicy and SecAccessControlCreateWithFlags are called, together with the policy and all flags used in each call.

Evaluation

The test fails if, for any sensitive data resource worth protecting, both of the following hold:

  • LAContext.evaluatePolicy is called explicitly, i.e. access to the resource is gated only by the event-bound success/failure result of that call.
  • There is no call to SecAccessControlCreateWithFlags that requires user presence through one of the applicable flags (kSecAccessControlUserPresence, kSecAccessControlBiometryAny, kSecAccessControlBiometryCurrentSet, kSecAccessControlDevicePasscode or kSecAccessControlWatch), so the resource is not bound to a Keychain access control that enforces the authentication itself.

Demos

MASTG-DEMO-0042: Runtime Use of LAContext.evaluatePolicy with Frida