Keep Any iOS App Private with Biometric Authentication

Originally published at: Keep Any iOS App Private with Biometric Authentication - TidBITS

As iPhones and iPads become an increasingly integral part of our daily lives, it’s not uncommon to have an app that contains information so personal that we wouldn’t want others to stumble across it. That could be a child using your iPhone to play a game or a friend swiping through photos you want to show them. To prevent unauthorized access, some apps containing personal data now offer options that require biometric authentication or a separate passcode before allowing access.

A new feature in iOS 18 and iPadOS 18 now enables you to protect any app with Face ID or Touch ID. It’s simple to set up and use: just touch and hold an app, then select Require Face ID from the menu that appears. The device will then prompt you to choose whether to require Face ID only or hide the app to prevent others from realizing it exists.

After enabling the option to require Face ID, your device will ask you to authenticate whenever you try to open the app or display its content in other places. With Face ID, you’ll barely have time to read “Face ID required to open App” on an otherwise blank screen before the app appears. With Touch ID devices, I assume you’ll need to move your finger to the Home or top button, which won’t be as seamless. If biometric authentication fails—like when Face ID doesn’t work for me because I’m not wearing my glasses and I hold the iPhone too close to my face—you must tap Try Face ID Again before trying to authenticate again. If multiple attempts fail, you’ll be asked for your passcode.

Hiding the app is more involved. When you tap Hide and Require Face ID, the device explains what will happen, although not very clearly. First, it says that the app “will no longer be visible on your iPhone, except in a few places such as Settings.” I’m unsure what other places Apple has in mind, but the apps I hid also vanished from Settings > Apps. Second, under “Obscured App Appearance,” Apple says that the app “will be obscured on your Home Screen and in a folder for hidden apps in the App Library.” This is just poor writing. The app isn’t “obscured” on your Home Screen; it disappears entirely from the Home Screen.

You could interpret the App Library’s behavior as “obscured,” though I wouldn’t describe it that way. A new Hidden folder appears at the bottom of your App Library but doesn’t display its contents until you tap it and authenticate with Face ID. Then, the icons of all the hidden apps appear, and tapping one opens it.

To turn off the feature, touch and hold the app icon on the Home Screen, in the App Library, or in Spotlight, and then choose Don’t Require Face ID from the menu that appears. If you want to reveal a previously hidden app but retain biometric authentication, you’ll have to toggle the entire feature off and back on.

Overall, Apple has done a commendable job of giving users more control over their privacy with specific apps. It’s important to remember that if you trust someone with your passcode, it could grant them access to your otherwise secure apps. However, it’s unlikely that anyone with passcode access would accidentally discover an app that’s hidden or even just restricted to the App Library. Security through obscurity is far from guaranteed, but it’s sufficient in many low-impact situations.

This is definitely a good start. I hope they continue to further refine it.

I’d like to see the option for a separate passcode, like with Guided Access.

Seems like they didn’t quite finish fleshing out this feature, as indicated by the somewhat vague language of the tutorial as you pointed out.

The separate passcode would ensure that even people with the main passcode couldn’t get into certain apps, but it would have to be done very carefully so it couldn’t be used against the primary user. If Person A gives Person B the passcode to their iPhone legitimately (they’re married or whatever), Person B would then have the power to lock Person A out of certain apps by implementing an app-specific passcode. That seems problematic to me.

Apple seems to consider that iPhones and iPads are single person devices. The privacy restrictions are designed for the situation where you hand your device to someone to do something and want to make sure that they are excluded from some things, like your photo library. Notes has similar ability to restrict.

As I’ve found out, if you enable this feature on Messages and WhatsApp you cannot then use the apps in CarPlay to dictate and listen to messages. You need to turn the feature off when driving.

For some reason it doesn’t appear to work on my Contacts app.

Interesting! Yes, now that I look, there are a handful of core Apple apps that don’t include the Require Face ID option, including Contacts, Camera, Clock, Watch, Shortcuts, Home, Calculator, etc. It makes sense—contact information is required by various apps throughout the system so they would behave quite randomly without authentication, and the others don’t really protect information.

Instead of having to block/hide all and every app I would not want others to have access to beforehand, I think it would be simpler to have an OS-wide option to ‘limit to this app’ and, in case of Photos, ‘limit to this album’ you could tap before handing your phone to someone else. This option could be put in Control Center for access in every app. After selecting that option your iPhone or iPad would become a ‘single app’ device that would not offer access to anything else except the active app (or active album), requiring authentication by Face- or TouchID (or passcode) to exit this state.

With the exception of the particlar album, that’s been in iOS for quite some time. Settings / Accessibility / Guided Access. And you can do the particular album with a third-party photo app that is limited to a particular album.

Wow, I did not know that. Thanks!
I tried it and it does mostly what I want. I also added ‘Guided Access’ to Control Center so now turning that on is just a swipe and a touch.

Interesting that hidden apps aren’t listed in the list of running apps (swipe up half way), unless you go to it directly from that app.

And when you search for a hidden app it’s not listed as installed.

I wrote about Guided Access a few months back.

I think I missed that. Thanks, that article was very informative

Very good point.

I suppose the real solution we’re all waiting for is multiple user accounts, at least on iPad.

I love this feature! However, why doesn’t Find My let me set “Require Face ID” in my iPhone 12 mini? :(

See Lock or hide an app on iPhone - Apple Support

Note: Some of the apps that come with iPhone can’t be locked—including Calculator, Camera, Clock, Contacts, Find My, Maps, Shortcuts, and Settings.

Thanks. I wonder why they didn’t give options for those.

I suspect it’s because their data is required throughout iOS, as I suggested above. The locking applies to the use of the data by other apps, not just access to that app.