Use device authentication for browser lock feature

[kylehickinson]

Goal is the move the current custom browser PIN feature to use the users device authentication (including their device PIN)

Spec: iOS Pin Upgrade

[srirambv]

Verification passed on iPhone XR with iOS 13.5 running 1.29(21.07.28.22)

• Verified test plan from Fix #3921: Use device authentication for browser lock feature #3922

Migration

• Verified with custom pin setup, upgrading brings up the migration modal before any other modal is being shown
• Verified able to successfully migrate to using iPhone unlock feature
• Verified able to successfully disable browser lock feature
• Verified migration works fine on all 3 scenarios
  • User has custom PIN and device PIN - Shows migration screen, feature is enabled
  • User has custom PIN and no device PIN - Shows migration screen, feature is disabled
  • User has no custom PIN - No migration screen is shown but setting is updated to Browser Lock and set to disabled

Clean Install

• Verified on clean install no migration screen for Browser lock is shown
• Verified Browser lock is disabled by default on clean install
• Verified enabling Browser lock works fine with normal tabs and PB only

Authentication Flow

• Verified backgrounding the app hides the screen the next time the app app is opened via switcher
• Verified app contents (tabs preview) is not visible but shows a thick blur with lock screen icon
• Verified opening the app from background or fresh launch shows authentication immediately
• Verified cancelling the authentication keeps the app in blurred screen with Unlock button
• Verified entering an invalid passcode doesn't unlock. Only unlocks with device passcode
• Verified removing biometrics from device forces authentication with pin only
• Verified disabling device pin still allows to open Brave with the feature still being enabled

---

Verification passed on iPhone 7+ with iOS 14.5.1 running 1.29(21.07.28.22)

• Verified test plan from Fix #3921: Use device authentication for browser lock feature #3922

Migration

• Verified with custom pin setup, upgrading brings up the migration modal before any other modal is being shown
• Verified able to successfully migrate to using iPhone unlock feature
• Verified able to successfully disable browser lock feature
• Verified migration works fine on all 3 scenarios
  • User has custom PIN and device PIN - Shows migration screen, feature is enabled
  • User has custom PIN and no device PIN - Shows migration screen, feature is disabled
  • User has no custom PIN - No migration screen is shown but setting is updated to Browser Lock and set to disabled

Clean Install

• Verified on clean install no migration screen for Browser lock is shown
• Verified Browser lock is disabled by default on clean install
• Verified enabling Browser lock works fine with normal tabs and PB only

Authentication Flow

• Verified backgrounding the app hides the screen the next time the app app is opened via switcher
• Verified app contents (tabs preview) is not visible but shows a thick blur with lock screen icon
• Verified opening the app from background or fresh launch shows authentication immediately
• Verified cancelling the authentication keeps the app in blurred screen with Unlock button
• Verified entering an invalid passcode doesn't unlock. Only unlocks with device passcode
• Verified removing biometrics from device forces authentication with pin only
• Verified disabling device pin still allows to open Brave with the feature still being enabled

---

Verification passed on iPad Pro with iOS 14.6 running 1.29(21.07.28.22)

• Verified test plan from Fix #3921: Use device authentication for browser lock feature #3922

Migration

• Verified with custom pin setup, upgrading brings up the migration modal before any other modal is being shown
• Verified able to successfully migrate to using iPhone unlock feature
• Verified able to successfully disable browser lock feature
• Verified migration works fine on all 3 scenarios
  • User has custom PIN and device PIN - Shows migration screen, feature is enabled
  • User has custom PIN and no device PIN - Shows migration screen, feature is disabled
  • User has no custom PIN - No migration screen is shown but setting is updated to Browser Lock and set to disabled

Clean Install

• Verified on clean install no migration screen for Browser lock is shown
• Verified Browser lock is disabled by default on clean install
• Verified enabling Browser lock works fine with normal tabs and PB only

Authentication Flow

• Verified backgrounding the app hides the screen the next time the app app is opened via switcher
• Verified app contents (tabs preview) is not visible but shows a thick blur with lock screen icon
• Verified opening the app from background or fresh launch shows authentication immediately
• Verified cancelling the authentication keeps the app in blurred screen with Unlock button
• Verified entering an invalid passcode doesn't unlock. Only unlocks with device passcode
• Verified removing biometrics from device forces authentication with pin only
• Verified disabling device pin still allows to open Brave with the feature still being enabled

---

Encountered #3981

[ghost]

Hello, I use the Brave browser on iPad and I would like to leave some feedback regarding this feature in the latest update (1.29).

While I do believe that using the same password as my device for the app is easier to set up, for me it kind of defeats the purpose of having a passcode lock for the app in the first place. This is because I used the passcode to protect my data from people who do know my device's passcode. Now the only case in which the new passcode lock implementation will help will be if I leave my device unlocked and someone takes it and decides to look through it, which I find unlikely.

I would like to see in future versions an option to select a passcode different from that of my device, like it used to be.

I already posted feedback about this change on the brave community forum on this thread, https://community.brave.com/t/passcode-behavior-in-new-ios-version/271631, where I had a lengthy conversation and was told in the end that it would be a good idea to also post my feedback here on Github. Hopefully it is useful to you.