When you enable the biometric unlock feature, you can access your logins stored in ExpressKeys without typing your vault password, making it easier for you to take control of your password security.
ExpressKeys was built according to industry best practices for secure apps and cloud infrastructure, including conducting extensive threat models and security assessments.
ExpressKeys cannot access your biometrics data
ExpressKeys is only notified about whether the biometric authentication is successful or not by iOS. It can neither access nor store any data associated with the enrolled biometrics.
Learn more about how Apple handles biometrics security for Touch ID and Face ID.
Your vault password keeps your data protected
The biometric unlock feature does not replace your ExpressKeys vault password or weaken the security of ExpressKeys.
Even when the biometric unlock feature is enabled, your data stored in ExpressKeys is always encrypted with your vault password and protected at all times by zero-knowledge encryption.
Biometrics and vault password security for iOS
When you enable the biometric unlock feature:
- Your vault password is securely stored in the Secure Enclave and can only be accessed by the ExpressKeys app, but not any other apps or services.
- Upon successful biometric authentication, ExpressKeys gets access to the vault password stored in the Secure Enclave and uses it to unlock your logins.
When you disable the biometric unlock feature:
The vault password held in the Secure Enclave is deleted immediately.
When signing out of or uninstalling the ExpressKeys iOS app:
Your vault password is deleted from the Secure Enclave when you sign out of the app. While the vault password remains stored in the Secure Enclave when you delete the app, it can’t be accessed or used by other apps.
When a new biometric is added to your iOS device:
You will no longer be able to unlock ExpressKeys with biometrics, until you enter your vault password again. This ensures your logins are safe even if someone is able to add their biometrics to your device without your consent.
Need help? Contact our Support Team for immediate assistance.