Advanced security measures for Salesforce mobile apps

Salesforce can prompt users to verify their identity using biometrics scanning through mobile devices. The outcome of these biometrics-related operations is sent back to the Lightning Web Component that initiated it.

  • Published 24 Jan 2024
  • 3 mins read
Advanced security measures for Salesforce mobile apps
Table of contents
Article highlights
  • BiometricsService API enhances user security by allowing Lightning Web Components to utilize native biometrics, which streamlines the identity verification process without the need for passwords.
  • The local processing of biometrics checks on devices ensures compliance with industry standards and enhances security by not requiring a network connection during the verification process.
  • Developers can integrate biometrics capabilities into Lightning Web Components with the BiometricsService API by using simple code implementations, making it accessible for enhancing security within Salesforce environments.

The mobile device manages biometric checks locally—no network connection is required. However, for BiometricsService to function, platform-specific APIs accessible only through compatible Salesforce mobile applications are needed.

Read on to find out how to safeguard your Salesforce mobile apps through BiometricsService.

Why use BiometricsService API for confirming user identity

The BiometricsService API in Salesforce enables Lightning Web Components to utilize native biometrics functionality, enhancing security and providing a user-friendly experience.

Users can confirm their identity with a quick scan, eliminating the need to remember and enter complex passwords.

Operating only within compatible Salesforce mobile apps, it guarantees industry standards compliance and local device processing – and it provides a smooth interaction with Lightning Web Components for swift identity verification.

Using BiometricsService API

Adding BiometricsService to a Lightning Web Component

To create a Lightning Web Component with biometrics capabilities, Developers should utilize the BiometricsService API. The API must be imported into the component's JavaScript file using the standard import statement.

Developers can obtain an instance by employing the "getBiometricsService()" factory function from the "lightning/mobileCapabilities" module.

Availability should be verified using utility functions and constants, enabling feature functions to prompt users for biometrics checks, thus enhancing security within the Salesforce environment.

Sample code

👉 "biometricsExample.html"

<template>
   <lightning-card title="Biometrics Service Demo" icon-name="custom:privately_shared">
     <div class="slds-var-m-around_medium">
       Use device biometrics capabilities to verify current user is indeed device owner:
       <lightning-button
         variant="brand"
         label="Verify"
         title="Verify device ownership using biometrics"
         onclick={handleVerifyClick}
         class="slds-var-m-left_x-small">
       </lightning-button>
     </div>
     <div class="slds-var-m-around_medium">
       <lightning-formatted-text value={status}></lightning-formatted-text>
     </div>
   </lightning-card>   
 </template>

👉 "biometricsExample.js"

import { LightningElement } from 'lwc';
import { getBiometricsService } from 'lightning/mobileCapabilities';


export default class BiometricsExample extends LightningElement {


       status;
       biometricsService;
  
       connectedCallback() {
         this.biometricsService = getBiometricsService();
       }
  
       handleVerifyClick() {
         if (this.biometricsService.isAvailable()) {
           const options = {
             permissionRequestBody: "Required to confirm device ownership.",
             additionalSupportedPolicies: ['PIN_CODE']
           };
           this.biometricsService.checkUserIsDeviceOwner(options)
             .then((result) => {
               if (result === true) {
                 this.status = "✔ Current user is device owner."
               } else {
                 this.status = "𐄂 Current user is NOT device owner."
               }
             })
             .catch((error) => {
               // Handle errors
               this.status = 'Error code: ' + error.code + '\nError message: ' + error.message;
             });
         } else {
           // service not available
           this.status = 'Problem initiating Biometrics service. Are you using a mobile device?';
         }
       }
   }

Compatibility and requirements

  • Access to the device's hardware and device platform APIs is required.
  • BiometricsService is available in Lightning apps distributed using the Salesforce mobile app and Mobile Publisher for Experience Cloud.
  • Even on a mobile device, the BiometricsService is not entirely functional when used on other platforms, such as desktop computers or web browsers.
  • Optimal performance is in the Lightning app or site on compatible iOS or Android devices.
  • When your application operates within a browser – whether on a desktop or mobile device – it is limited to employing solely BiometricsService constants and utility functions. Any effort to execute biometrics-related operations will be unsuccessful.

Stay safe and sound

By utilizing built-in biometrics features, the BiometricsService API integration with Salesforce mobile apps provides enhanced security measures. This improves the user-friendliness of identity verification while guaranteeing compliance with industry standards, local device processing, and smooth integration with Lightning Web Components.

🔐
Give your users a reliable and safe experience in the Salesforce environment.

Contact us

to make your transition

Last updated: 10 Jul 2024