Advanced security measures for Salesforce mobile apps

Salesforce can prompt users to verify their identity with a biometric scan on their mobile device. The outcome of each biometrics operation is returned to the Lightning Web Component that initiated it.


The mobile device manages biometric checks locally; no network connection is required. However, BiometricsService depends on platform-specific APIs that are accessible only through compatible Salesforce mobile applications.

Read on to find out how to safeguard your Salesforce mobile apps through BiometricsService.

Why use BiometricsService API for confirming user identity

The BiometricsService API in Salesforce enables Lightning Web Components to utilize native biometrics functionality, enhancing security and providing a user-friendly experience.

Users can confirm their identity with a quick scan, eliminating the need to remember and enter complex passwords.

Because it operates only within compatible Salesforce mobile apps, it guarantees compliance with industry standards and local device processing, and it integrates smoothly with Lightning Web Components for swift identity verification.

Using BiometricsService API

Adding BiometricsService to a Lightning Web Component

To create a Lightning Web Component with biometrics capabilities, developers use the BiometricsService API. The API must be imported into the component's JavaScript file using the standard import statement.

Developers can obtain an instance by employing the "getBiometricsService()" factory function from the "lightning/mobileCapabilities" module.

Before prompting the user, verify availability with the utility functions and constants (the sample below calls isAvailable()). Only then call the feature functions that prompt users for biometrics checks, such as checkUserIsDeviceOwner(), to enhance security within the Salesforce environment.

Sample code

👉 "biometricsExample.html"

<template>
  <lightning-card title="Biometrics Service Demo" icon-name="custom:privately_shared">
    <div class="slds-var-m-around_medium">
      Use device biometrics capabilities to verify current user is indeed device owner:
      <lightning-button
        variant="brand"
        label="Verify"
        title="Verify device ownership using biometrics"
        onclick={handleVerifyClick}
        class="slds-var-m-left_x-small">
      </lightning-button>
    </div>
    <div class="slds-var-m-around_medium">
      <lightning-formatted-text value={status}></lightning-formatted-text>
    </div>
  </lightning-card>
</template>

👉 "biometricsExample.js"

import { LightningElement } from 'lwc';
import { getBiometricsService } from 'lightning/mobileCapabilities';

export default class BiometricsExample extends LightningElement {
  status;
  biometricsService;

  // Obtain the service instance when the component is inserted into the DOM.
  connectedCallback() {
    this.biometricsService = getBiometricsService();
  }

  handleVerifyClick() {
    // Only prompt when the native biometrics APIs are reachable.
    if (this.biometricsService.isAvailable()) {
      const options = {
        permissionRequestBody: "Required to confirm device ownership.",
        additionalSupportedPolicies: ['PIN_CODE']
      };
      this.biometricsService.checkUserIsDeviceOwner(options)
        .then((result) => {
          // Treat only a strict true as a successful check.
          if (result === true) {
            this.status = "✔ Current user is device owner.";
          } else {
            this.status = "𐄂 Current user is NOT device owner.";
          }
        })
        .catch((error) => {
          // Handle errors
          this.status = 'Error code: ' + error.code + '\nError message: ' + error.message;
        });
    } else {
      // Service not available
      this.status = 'Problem initiating Biometrics service. Are you using a mobile device?';
    }
  }
}

Compatibility and requirements

  • Access to the device's hardware and device platform APIs is required.
  • BiometricsService is available in Lightning apps distributed using the Salesforce mobile app and Mobile Publisher for Experience Cloud.
  • The BiometricsService is not entirely functional when used on other platforms, such as desktop computers or web browsers, even when the browser runs on a mobile device.
  • Optimal performance is in the Lightning app or site on compatible iOS or Android devices.
  • When your application operates within a browser, whether on a desktop or mobile device, it can use only BiometricsService constants and utility functions. Any attempt to execute biometrics-related operations will fail.
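
The availability check from the sample and the browser limitation listed above, combined into a fail-closed gate. This is an added example, not code from Salesforce or from the original article; verifyDeviceOwner, runIfDeviceOwner, stubService and the reason strings are hypothetical names, and the service object is passed in as a parameter so the logic can run outside a Salesforce mobile app.

```javascript
// Added example: fail-closed gate around the BiometricsService calls shown on this page.
// `service` is the object returned by getBiometricsService(); it is passed in
// so the logic also runs outside a Salesforce mobile app.
async function verifyDeviceOwner(service, options) {
  // In a browser the biometrics operations fail, so "not available" must
  // deny instead of silently skipping the check.
  let available = false;
  try {
    available = Boolean(service && service.isAvailable());
  } catch (e) {
    available = false;
  }
  if (!available) {
    return { allowed: false, reason: 'unavailable' };
  }
  try {
    const result = await service.checkUserIsDeviceOwner(options);
    // Only a strict boolean true counts as a successful check.
    return result === true
      ? { allowed: true, reason: 'verified' }
      : { allowed: false, reason: 'not-owner' };
  } catch (error) {
    // A rejected promise (error.code / error.message) is also a denial.
    const code = error && error.code ? error.code : 'unknown';
    return { allowed: false, reason: 'error:' + code };
  }
}

// Hypothetical helper: run `action` only after a successful check.
async function runIfDeviceOwner(service, options, action) {
  const decision = await verifyDeviceOwner(service, options);
  if (decision.allowed) {
    decision.value = await action();
  }
  return decision;
}

// Constructed stand-in for the service (not Salesforce code).
function stubService(available, outcome) {
  return {
    isAvailable: () => available,
    checkUserIsDeviceOwner: () =>
      outcome instanceof Error ? Promise.reject(outcome) : Promise.resolve(outcome)
  };
}
const OPTIONS = {
  permissionRequestBody: 'Required to confirm device ownership.',
  additionalSupportedPolicies: ['PIN_CODE']
};
```

In a component, pass this.biometricsService as the first argument. The check runs locally and its result is only returned to the component, so server-side access controls still have to be enforced independently.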

Stay safe and sound

By utilizing built-in biometrics features, the BiometricsService API integration with Salesforce mobile apps provides enhanced security measures. This improves the user-friendliness of identity verification while guaranteeing compliance with industry standards, local device processing, and smooth integration with Lightning Web Components.

🔐
Give your users a reliable and safe experience in the Salesforce environment.