ios iphone keychain touch-id

Integrating Touch ID with Keychain Access for Multiple Users in iOS


I have been working on integrating Touch ID and Keychain Access in my iOS application, with the help of the sample code provided by Apple here. The user's password is stored in the keychain on the first successful login and on subsequent launches, when the user is authenticated using Touch ID, the application retrieves the password from the keychain. So far, so good.

However, what has been bugging me is the question of how to keep the password secure in case of multiple people's fingerprints being registered on the device. As far as I can understand, Touch ID can only be used for authentication, not for identification. So, in case multiple users have their fingerprints registered on the device, any of them can access the password stored in the keychain, and hence log in to the app.

Is there no way to ensure that only one particular fingerprint is able to access the password stored on the keychain and log into the app?


Solution

  • The LocalAuthentication framework gives us very little information.

    • It's able to authenticate only for some type of policy.
    • The system takes over for the actual authentication; we have no role in this.
    • It only lets you know if the authentication was successful or not (if not, it tells you why).

    You have no concept of the actual authentication process, i.e. which finger was used. This is because Apple does not want to give you access to such information.
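
An added example, not part of the original answer or of Apple's sample code: since the app cannot learn which finger matched, the closest available control is to bind the keychain item to the set of fingerprints enrolled at save time, so that a fingerprint added later cannot unlock it. Any finger already enrolled when the item is saved can still read it. The service and account names are hypothetical.

```swift
import Foundation
import LocalAuthentication
import Security

// Hypothetical identifiers for this example.
let baseQuery: [String: Any] = [
    kSecClass as String: kSecClassGenericPassword,
    kSecAttrService as String: "com.example.app.login",
    kSecAttrAccount as String: "primary-user",
]

/// Saves the password so that reading it requires a biometric match against
/// the fingerprints enrolled right now. If a fingerprint is added or removed
/// afterwards, the system invalidates the item and it can no longer be read.
func savePassword(_ password: String) -> OSStatus {
    guard let acl = SecAccessControlCreateWithFlags(
        kCFAllocatorDefault,
        kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly, // never leaves this device
        .biometryCurrentSet, // iOS 11.3+; older SDKs call this .touchIDCurrentSet
        nil) else { return errSecParam }
    SecItemDelete(baseQuery as CFDictionary) // replace any earlier item
    var attrs = baseQuery
    attrs[kSecAttrAccessControl as String] = acl
    attrs[kSecValueData as String] = Data(password.utf8)
    return SecItemAdd(attrs as CFDictionary, nil)
}

/// Reads the password. The system shows the biometric prompt and returns only
/// success or a failure status; nothing identifies the finger that matched.
/// Call off the main thread: the lookup blocks while the prompt is shown.
func readPassword(reason: String) -> String? {
    let context = LAContext()
    context.localizedReason = reason
    var query = baseQuery
    query[kSecReturnData as String] = true
    query[kSecUseAuthenticationContext as String] = context
    var item: CFTypeRef?
    let status = SecItemCopyMatching(query as CFDictionary, &item)
    // A non-success status covers cancel, failed match and an invalidated item.
    guard status == errSecSuccess, let data = item as? Data else { return nil }
    return String(data: data, encoding: .utf8)
}
```

When `readPassword` returns `nil` after an enrollment change, the app should fall back to a full password login and call `savePassword` again only once that login succeeds.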