I'm working on an iOS app that uses Face ID to access the app, but when they change their face id (add or remove), I want to detect that and get them to use their password (I've already built the password thing) before being able to use face id again. I know that I should be using kSecAccessControlBiometryCurrentSet (found here), and that the flag gets invalidated when the user adds or removes a face, or changes their enrolled face. However, I'm not sure how any of that kSecAccessControlBiometryCurrentSet stuff works because I haven't found too much on it.
So I guess my question is what is the recommended way to detect changes in Face ID? And can I retrieve the current state of the kSecAccessControlBiometryCurrentSet flag, and see if its invalidated?
Oh and by the way, I've seen this on apps like lastpass, so I think its possible.
If you have any questions whatsoever (I bet my question was pretty hard to understand), feel free to ask :D
Thanks :D