@jwalden are there any news on this issue?
My bank changed their app which requires a lock. When they stop the previous app I won’t be able to access my account any more, since they require mobile authentication.
5 Likes
Unfortunately can’t give any estimates on this, so sorry, no news.
2 Likes
I would like to suggest another expected outcome:
A set lock pin in Sailfish should make the android system tell it’s aops, that there is a lock screen out of the box.
So there should no need to set an extra pin in android itself.
But an earlier implementation should be more prioritized than a “better one”.
6 Likes
To expect a proper fingerprint support in AppSupport would be good too
1 Like
How is it looking, can we expect at least a preliminary hotfix (as illustrated by @jlangenbach above) in the next release? In my case, not being able to use my brokerage app because of the missing Android App Support-level PIN support is a huge annoyance, solving this issue would be a huge relief for me (and many others, of course, as well).
1 Like
I bet this doesn’t really help, but i never had any problems with Android apps using PIN. Seven out of seven apps working as they should.
You probably mean apps that are secured with a “baked in” app-exclusive PIN, we are talking about apps that check if the whole (Android) system is being secured with a set display lock PIN/pattern/biometric signature, Sailfish’s Android App Support does not support this (yet, resp. anymore).
Ok.
So eg. your banking app doesn’t have PIN verification “baked in” (as you said it)?
Yes, it relies on the OS, instead of doing the PIN request (e.g. during logins) itself. In my case, it says “without a set up device PIN you can’t use this app”, and won’t allow any further actions until it is activated.
The interesting fact is that on older versions it was OK. So somebody missed something with the update and does not fix it for two years.
Are you really sure the app you are having problems with now is still the same version that used to work?
This Bug is still an Issue in SFOS 4.6.0.13.
This would be very cool to get fixed in the next release. Shouldn’t be that difficult to make AppSupport think it is screen looked…
5 Likes
I saw it also in android forums. So the bug is in the underlying Android (lineage or aosp i don’t know?
It’s not a “bug” per se, more like an “adaptation with unintended consequences”. Sailfish’s AppSupport neutered the ability of the Android layer to have its own lock PIN, since Sailfish already has that ability on its own. However, Android apps can obviously only see the Android settings, so for them, the lock PIN is deactivated, which becomes a problem once apps mandate an activated lock PIN (as the German broker “Smartbroker+” does, in my case).
Unfortunately, this issue hasn’t been tackled with the latest update to 4.6.0.15 either. @jovirkku I know the issue is “tracked,” but is it actually on someone’s agenda?
2 Likes
Not tackled in Sailfish OS 5 either :\
Maybe we should create a list of affected apps (and the number of downloads according to Google Play, as a measuring stick for importance):
Danske ID - Danske Bank (500,000+ downloads)
SMARTBROKER+ Aktien & ETF (50,000+ downloads)
I will gladly update this list with further entries, just tell me which apps are affected (or if they no longer are). 
The missing ability to set a lock PIN inside the Android layer also thwarts any possibility to have 2FA “passkey” support (WebAuthn - Wikipedia) for Android apps (e.g. Firefox, which supports passkeys on Android 14 and upwards) in the future - as brought up here in April: Android Support Passkey configuration and lock screen.
Passkeys are funamentally flawed. All it does on top of a half-decent password manager is that the client software promises a few things. There are no enforcement mechanisms at all. I.e. Only one factor is actually authenticated. From a security or even general developer perspective, that’s completely insane to advertise as a feature, let alone call 2FA.
So this only furthers the argument that there is a strong correlation between silly apps and enforcing lockscreen password.
I’m not a fan of passkeys either, unfortunately some organizations are enforcing their usage (as my university, since today) without alternative.
The German automobile club ADAC has changed banks for its Visa card. It is now Solaris Bank. When paying with the ADAC Visa, the purchase must now be confirmed online or in the app. However, this app also requires an Android PIN…