I have the same problem and I just found out that if you evaluate against the key LAPolicyDeviceOwnerAuthentication instead of LAPolicyDeviceOwnerAuthenticationWithBiometrics even after the user has denied permission, the assessment will succeed and you will get the correct bioometryType type. Your code will look like
static fileprivate var biometryType: DSLocalAuthenticationBiometryType { let context = LAContext() var error: NSError? let _ = context.canEvaluatePolicy(.deviceOwnerAuthentication, error: &error) if #available(iOS 11.0, *) { return context.biometryType == .typeFaceID ? .typeFaceID : .none } else { return .none } }
NOTE : on devices without a touch identifier and a face identifier, it still returns YES, so you donβt know whether the device really has a hw biometric value or not with iOS below 11 (which does not set the biometriyType property)
Update
For devices with iOS version 10 or lower, you can use LAPolicyDeviceOwnerAuthenticationWithBiometrics, as usual, will behave correctly (returns true if the device supports a touch identifier), so this is just a matter of differentiating the current OS version :)
Let me know if this works :)
The best