Reem Reem - 1 month ago 14
Swift Question

Increasing security for payment with Sirikit

I'm trying to increase security for my payments app which is integrated with Siri.
I used Apple's sample code from this link , and I adjusted the following in order to implement touch ID authentication before performing the payment:

(Added function "authenticate" for touch ID authentication, and called it in the handle function)

func handle(sendPayment intent: INSendPaymentIntent, completion: @escaping (INSendPaymentIntentResponse) -> Void) {
self.authenticate(successAuth: {

guard let payee = intent.payee,
let payeeHandle = payee.personHandle,
let currencyAmount = intent.currencyAmount,
let amount = currencyAmount.amount,
let currencyCode = currencyAmount.currencyCode
else {
completion(INSendPaymentIntentResponse(code: .failure, userActivity: nil))
return
}

self.contactLookup.lookup(emailAddress: payeeHandle.value) { contact in
guard let contact = contact else {
completion(INSendPaymentIntentResponse(code: .failure, userActivity: nil))
return
}

let payment = Payment(contact: contact, amount: amount, currencyCode: currencyCode)

self.paymentProvider.send(payment) { success, _, _ in
guard success else {
completion(INSendPaymentIntentResponse(code: .failure, userActivity: nil))
return
}

let response = INSendPaymentIntentResponse(code: .success, userActivity: nil)
response.paymentRecord = self.makePaymentRecord(for: intent)

completion(response)
}
}
}) { (error) in
print("error in authentication")
completion(INSendPaymentIntentResponse(code: .failure, userActivity: nil))
return
}

}

func authenticate(successAuth: @escaping () -> Void, failure: @escaping (NSError?) -> Void) {
// 1. Create a authentication context
let authenticationContext = LAContext()
var error:NSError?
guard authenticationContext.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &error) else {
failure(error)
return
}
// 3. Check the fingerprint
authenticationContext.evaluatePolicy(
.deviceOwnerAuthenticationWithBiometrics,
localizedReason: "Unlock to send the money",
reply: { [unowned self] (success, error) -> Void in

if( success ) {
successAuth()

}else {
let message = self.errorMessageForLAErrorCode(errorCode: (error! as NSError).code)
print(message)
failure(error! as NSError)
}

})
successAuth()
}


The problem is Siri says: " Sorry, you'll need to continue in the app"

Answer

After careful debugging, I found out that the problem occurred only when Siri suggests last payee or last currency amount, so I commented these parts in resolvePayee and resolveCurrencyAmount, and the flow worked perfectly! After confirming the payment, it asks for the touch ID authentication and then sends the payment. Thanks guys!