I have been trying to integrate Touch ID into a non-UI service that comes as a part of our authentication solution. The best approach would be to get a raw fingerprint image or some other biometric data that can be linked somehow with the user identity.
But as I understood, all biometrics, including fingerprints, are hidden deep inside the Security Enclave, and there are no ways to get them.
Please correct me if I am wrong.
Also, the only Touch ID API that I found is LAContext's evaluatePolicy:LAPolicyDeviceOwnerAuthenticationWithBiometrics from the LocalAuthentication framework. The framework is pretty 'high level' one and returns generally speaking 'authenticated' or not 'not authenticated' status and doesn't provide any useful user-specific data that can be checked to verify the user identity on our side.
Thus, the general idea of the integration now is to use Touch ID's API (evaluatePolicy:LAPolicyDeviceOwnerAuthenticationWithBiometrics) to generate a key pair located in the Security Enclave and use it later for getting signatures. But is there a way to hide the standard authentication UI for Touch ID? I don't need it because of the custom UI implementation.
Or is there any other low level Touch ID API?
Thanks!