Device unlock method update scenarios
Overview
This page explains how changes to the device unlock method affect CDCVM behavior.
The behavior depends on the CDCVM policy configured during NFC Wallet SDK initialization:
.biometricOnly.userPresence
For setup details, see NFC Wallet SDK initialization and Understand CDCVM.
Scenarios
Scenarios for biometrics only (.biometricOnly)
.biometricOnly)End user disables the device lock screen. For example, biometrics are not enrolled and passcode is turned off.
Invalidates the key material in the keychain.
Detects that the key material is invalid when accessing the keychain.
Wipes local data and throws ContactlessPaymentSession.Error.authenticationKeyInvalidated(error). Reinitialize the SDK. See NFC Wallet SDK initialization.
End user disables the passcode, then re-enables it and re-enrolls biometrics.
Invalidates the key material in the keychain.
Detects that the key material is invalid when accessing the keychain.
Wipes local data and throws ContactlessPaymentSession.Error.authenticationKeyInvalidated(error). Reinitialize the SDK. See NFC Wallet SDK initialization.
End user changes the passcode while biometrics remain enrolled.
No action.
No action.
No action.
End user keeps a passcode but removes all biometrics.
No action.
Detects that biometrics were removed.
Throws ContactlessPaymentSession.Error.biometricNotEnrolled.
End user keeps a passcode and enrolls new biometrics.
No action.
No action.
No action.
Scenarios for user presence (.userPresence)
.userPresence)End user disables the device lock screen. For example, biometrics are not enrolled and passcode is turned off.
Invalidates the key material in the keychain.
Detects that the key material is invalid when accessing the keychain.
Wipes local data and throws ContactlessPaymentSession.Error.authenticationKeyInvalidated(error). Reinitialize the SDK. See NFC Wallet SDK initialization.
End user disables the passcode, then enables it again and enrolls biometrics again.
Invalidates the key material in the keychain.
Detects that the key material is invalid when accessing the keychain.
Wipes local data and throws ContactlessPaymentSession.Error.authenticationKeyInvalidated(error). Reinitialize the SDK. See NFC Wallet SDK initialization.
End user changes the passcode while biometrics remain enrolled.
No action.
No action.
No action.
End user changes the passcode when no biometrics are enrolled.
No action.
No action.
No action.
End user keeps a passcode but removes all biometrics.
No action.
No action.
No action.
End user keeps a passcode and enrolls new biometrics.
No action.
No action.
No action.
Last updated
Was this helpful?