REL-ID for MobileREL-ID APIsREL-ID for Web
Guides
Start typing to search…

Permissions for iOS

Required Permissions for iOS – REL-ID SDK

To enable the full functionality of the REL-ID SDK—including identity verification, biometric authentication, geolocation-based risk analysis, and local network verification—your iOS app must declare specific permissions in the Info.plist file.

🔑 Info.plist Keys to Add

Insert the following keys and descriptions into your Info.plist:

<!-- 😶‍🌫️ Face ID usage for biometric login -->
<key>NSFaceIDUsageDescription</key>
<string>Enabling Face ID allows you quick and secure access to your account.</string>

<key>NSLocationWhenInUseUsageDescription</key>
<string>We employ the device's location to secure the app and provide a smooth and seamless experience.</string>

<!-- 🌐 Local network access for endpoint verification -->
<key>NSLocalNetworkUsageDescription</key>
<string>${PRODUCT_NAME} will verify the endpoint to which the application is connected.</string>

1. NSFaceIDUsageDescription

Purpose: Enables local device authentication using Face ID during the REL-ID user authentication flow.

Fallback: If not provided, the SDK will default to user password challenge.

2. NSLocationWhenInUseUsageDescription

Purpose: This permission is required to support the following security features:

  • Capture the device's location for login verification, including notification-based approvals and device fingerprinting.
  • Detect insecure Wi-Fi networks and support the whitelisting/blacklisting of Wi-Fi networks based on SSID and BSSID

Impact if Not Provided:

  • Device fingerprinting will be less accurate.
  • SSSID/BSSID-based Wi-Fi network whitelisting and blacklisting will not be available.
  • Detection of insecure Wi-Fi connections will be disabled.

📦 App Store Connect Privacy Settings

Location Data Collection:

  • Precise Location: Enabled
  • Coarse Location: DisabledUsage Details:
  • Uses kCLLocationAccuracyBest for accurate positioning.
  • Data is used only for security-related tasks like verifying login attempts and identifying insecure networks.

3. NSLocalNetworkUsageDescription

Purpose:

  • Allows DNS resolution
  • Detects rogue Wi-Fi access points

Impact if Not Provided:

  • Detection of fake or malicious Wi-Fi networks is not possible.

📋 App Store Review Guidelines

  • Clearly document how and why each permission is used.
  • Use user-facing descriptions that are specific, transparent, and privacy-focused.
  • Make sure the app only requests permissions when necessary to avoid rejection.

✅ Best Practices

  • Always test permission prompts on real devices.
  • Inform users of the benefit before triggering a system prompt.
  • Handle denial cases gracefully in the user experience.

Updated about 2 months ago