Unable to set lock pin for Android apps requiring it

REPRODUCIBILITY: 100%
OS VERSION: 4.5.0.19
HARDWARE: Xperia III
UI LANGUAGE: English
REGRESSION: It seem so according to forum posts, was working in 4.2.0.19

DESCRIPTION:

It is not possible to set a lock pin in android settings, resulting in applications requiring it refusing to start/work (e.g. banking, payment applications).
This appear to have worked in past versions of SailfishOS with Android support, and one of the “workaround” is to flash a older version and then proceed to OTA upgrade from that versus instead flashing the latest one (apparently worked in 4.2.0.19 some users have reported).

PRECONDITIONS:

Flashing the latest version versus having upgraded from 4.2.0.19

STEPS TO REPRODUCE:

  1. Either install an android app requiring the lock pin to be set or try to set the lock pin in android settings (the lock pin won’t be set)

EXPECTED RESULT:

Be able to set the lock pin (in Android).

ACTUAL RESULT:

Not being able to set the lock pin (in Android).

MODIFICATIONS:

None.

ADDITIONAL INFORMATION:

Thread with people discussing the issue: Android app requiring lock pin

14 Likes

Thanks for the bug report. Created an internal bug report about this, however we already had a task about this.

3 Likes

@jwalden are there any news on this issue?

My bank changed their app which requires a lock. When they stop the previous app I won’t be able to access my account any more, since they require mobile authentication.

5 Likes

Unfortunately can’t give any estimates on this, so sorry, no news.

2 Likes

I would like to suggest another expected outcome:

A set lock pin in Sailfish should make the android system tell it’s aops, that there is a lock screen out of the box.

So there should no need to set an extra pin in android itself.

But an earlier implementation should be more prioritized than a “better one”.

6 Likes

To expect a proper fingerprint support in AppSupport would be good too

1 Like

How is it looking, can we expect at least a preliminary hotfix (as illustrated by @jlangenbach above) in the next release? In my case, not being able to use my brokerage app because of the missing Android App Support-level PIN support is a huge annoyance, solving this issue would be a huge relief for me (and many others, of course, as well).

1 Like

I bet this doesn’t really help, but i never had any problems with Android apps using PIN. Seven out of seven apps working as they should.

You probably mean apps that are secured with a “baked in” app-exclusive PIN, we are talking about apps that check if the whole (Android) system is being secured with a set display lock PIN/pattern/biometric signature, Sailfish’s Android App Support does not support this (yet, resp. anymore).

Ok.

So eg. your banking app doesn’t have PIN verification “baked in” (as you said it)?

Yes, it relies on the OS, instead of doing the PIN request (e.g. during logins) itself. In my case, it says “without a set up device PIN you can’t use this app”, and won’t allow any further actions until it is activated.

The interesting fact is that on older versions it was OK. So somebody missed something with the update and does not fix it for two years.

Are you really sure the app you are having problems with now is still the same version that used to work?

This Bug is still an Issue in SFOS 4.6.0.13.
This would be very cool to get fixed in the next release. Shouldn’t be that difficult to make AppSupport think it is screen looked…

5 Likes

I saw it also in android forums. So the bug is in the underlying Android (lineage or aosp i don’t know?

It’s not a “bug” per se, more like an “adaptation with unintended consequences”. Sailfish’s AppSupport neutered the ability of the Android layer to have its own lock PIN, since Sailfish already has that ability on its own. However, Android apps can obviously only see the Android settings, so for them, the lock PIN is deactivated, which becomes a problem once apps mandate an activated lock PIN (as the German broker “Smartbroker+” does, in my case).

Unfortunately, this issue hasn’t been tackled with the latest update to 4.6.0.15 either. @jovirkku I know the issue is “tracked,” but is it actually on someone’s agenda?

2 Likes

Not tackled in Sailfish OS 5 either :\

Maybe we should create a list of affected apps (and the number of downloads according to Google Play, as a measuring stick for importance):

Danske ID - Danske Bank (500,000+ downloads)
SMARTBROKER+ Aktien & ETF (50,000+ downloads)

I will gladly update this list with further entries, just tell me which apps are affected (or if they no longer are). :grinning:

The missing ability to set a lock PIN inside the Android layer also thwarts any possibility to have 2FA “passkey” support (WebAuthn - Wikipedia) for Android apps (e.g. Firefox, which supports passkeys on Android 14 and upwards) in the future - as brought up here in April: Android Support Passkey configuration and lock screen.

Passkeys are funamentally flawed. All it does on top of a half-decent password manager is that the client software promises a few things. There are no enforcement mechanisms at all. I.e. Only one factor is actually authenticated. From a security or even general developer perspective, that’s completely insane to advertise as a feature, let alone call 2FA.

So this only furthers the argument that there is a strong correlation between silly apps and enforcing lockscreen password.