I'm currently developying autofill function for one shopping website, want to know how autofill suggestion can have security code with transaction info (example currency and amount of money) when clients receive OTP sms Thans in advance

We attempted to set the contentType of UITextField to suggest hint about the added credit card number. Following code has been used :- txtField.returnKeyType = .done txtField.placeholder = "Credit Card Number" txtField.borderStyle = .roundedRect txtField.keyboardType = .default txtField.textContentType = .creditCardNumber We are not getting the expected suggestions about credit card no. We have added one credit card in Account’s Payment & Shipping section. Please help if I am missing something here.

Garritt, Kudos for leadership on making Apple PassKeys a reality. would like to consult with Apple security/privacy/authentication teams about new anon/auth tools for web security and device logins generally. concepts are shared in uspto pending patent app 17/572336, for which notice of allowance has issued. thanks, timo founder and seo PoKos Communications Corp. 603.491.9792 (m)

I am developing a Mac app which provides a Credential Provider extension and I'm having trouble with passkey integration. I wrote here about the issue I'm having with the iOS app. On the Mac I'm experiencing a different issue. As opposed to the iOS app (where I'm not even able to use my extension to create a new passkey in the first place) on the Mac I'm able to use my extension to create a passkey. I save the credential identity into the system AutoFill suggestions store without error. The problem is that when I attempt to authenticate on the same site the system does not offer my app's credential as a suggestion. Standard passwords are working fine. Can anyone help me understand how I can troubleshoot this type of problem? Thanks! -Jeremy

I'm developing an iOS app that contains a Credential Provider Extension, and I want it to support passkeys. I've set the ProvidesPasskeys key to YES in the Info.plist of the extension, and in the CredentialProviderViewController I've implemented: func prepareCredentialList( for serviceIdentifiers: [ASCredentialServiceIdentifier] ) func provideCredentialWithoutUserInteraction( for credentialRequest: ASCredentialRequest ) func prepareInterfaceToProvideCredential( for credentialRequest: ASCredentialRequest ) func prepareInterface( forPasskeyRegistration registrationRequest: ASCredentialRequest ) Standard password autofill suggestions that I have added to the system store are presented to me when I arrive to the corresponding login page, and the autofill flow succeeds via my extension. When I attempt to create a new passkey on my iPhone, whether it be in Safari on a website that supports passkeys (e.g. google.com) or within a native app that supports the creation of passkeys (e.g. PayPal), I am not given the option to create a passkey using my extension. The only option that is provided to me is the builtin Keychain option. On the "Settings->Passwords->Password Options" page I have "AutoFill Passwords and Passkeys" switch on and in the section titled "USE PASSWORDS AND PASSKEYS FROM:". I have selected both my app and "iCloud Passwords & Keychain". If I uncheck "iCloud Passwords & Keychain" and then attempt to create a passkey then I am shown a system sheet which tells me to go to the settings page to "choose how to manage passkeys". Any ideas on how to troubleshoot this situation? Thanks very much! -Jeremy

Hi all, I'm trying to create a passkey provider application and I can consistently register a passkey through 'prepareInterface(forPasskeyRegistration registrationRequest: ASCredentialRequest)' everywhere that accepts passkeys. However, when I attempt to then use that passkey to sign in with 'provideCredentialWithoutUserInteraction(for credentialRequest: ASCredentialRequest)' My code will work on some sites.. and not others. For instance: https://passkey.org/ and https://webauthn.io/ both work flawlessly. But if I then try to do the same with Github, Uber, or Coinbase (really any application "in the wild") the assertion portion fails with a generic error like "This passkey can't be used anymore." I've debugged every request and response object line by line and can't find a single difference between a site that works, and one that doesn't.. Does anyone know why this could be the case? Here's my assertion code: guard let request: ASPasskeyCredentialRequest = credentialRequest as? ASPasskeyCredentialRequest else { return } // Following specs from here: https://www.w3.org/TR/webauthn/#sctn-signature-attestation-types let hashedRp: [UInt8] = Array(SHA256.hash(data: Data(request.credentialIdentity.serviceIdentifier.identifier.data(using: .utf8) ?? Data([])))) let flags:[UInt8] = [29] // 00011101 - only one that seems to work let counter:[UInt8] = [0, 0, 0, 1] // just for testing, always the first for now until this works let authData = hashedRp + flags + counter let signature = try privateKey.signature( for: Data(authData + request.clientDataHash) ) let response: ASPasskeyAssertionCredential = ASPasskeyAssertionCredential( userHandle: Data(request.credentialIdentity.user.utf8), relyingParty: request.credentialIdentity.serviceIdentifier.identifier, signature: signature.derRepresentation, clientDataHash: request.clientDataHash, authenticatorData: Data(authData), credentialID: Data(credentialId.utf8) ) extensionContext.completeAssertionRequest(using: response) Any help would be very appreciated as I've been stuck on this for a while now.

I developed an app that implements autofill extension with ASCredentialProviderViewController to provide passkeys. while it works smoothly on internal connections (e.g. register to webauthn.io on the same device where my app is installed), it fails when i'm scanning QR code on another device. I suspect it's a problem with the flags of the passkey attestation object as the only difference between the 2 requests (internal and hybrid) I've found is that the userVerificationPreference is changed from preferred (internal) to required (hybrid). i sent those flags (both on hybrid and internal connection): binary rep: 01011101 decimal rep: 93 is anyone has a clue what goes wrong?

After upgrading iOS from 17 to 17.1, the list of passkeys registered to the ASCredentialIdentityStore is not displayed in the Safari QuickType bar. (Google Chrome browser is ok)

Hi, we want to implement passkey in our password manager, but we can not find documentation how to create passkey and save in our database? Can some one help?

Hi, we are facing on a strange behaviour since iOS 16. In a registration view, we have two text field to insert password (password textfield and confirm password text field). Suggest strong password is abilitate (from iCloud... password & keychain). When user tap on password text field, can choose between strong password or text custom password. If user choose custom password, can text his own password as usually. But when he tap the second text field (confirm password) Apple fill in automatic both text field, cleaning the first text field... So user entry in a loop where he text password and when go next, previous textfield be cleaned and both text field filled with a new suggestion. Searching on the web we don't find any solution to it. Also because we try just to set text fields as .password or .newPassword. But this behaviour is always the same. Maybe is it a bug of iOS 16? How we can allow user to chose a custom password if the system fill always in automatic the password text fields, every time he tap on them?

*** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: 'Application tried to present modally a view controller <_SFAppAutoFillPasswordViewController: 0x106e22ee0> that is already being presented by <UIKeyboardHiddenViewController_Autofill: 0x106e25a10>.' IOS16(not sure other OS version could reproduce this or not) click on textfield, then keyboard shows(with a key button above), click key button, it crashes randomly.