FaceID in iOS Simplifi App broken

AppuseriOS
AppuseriOS Member
edited December 2023 in Report a Bug

It does not secure your app with FaceID when you launch the app. If the app is closed and you open the app with FaceID enabled in the Simplifi app settings, the app will not request FaceID and open the app without any security. This is a HUGE flaw in the app design.

Please fix this feature so when 1) FaceID is On in the app, 2) the app should require FaceID authorization before the app is unlocked and displays personal information

Tagged:
«1

Comments

  • Coach Natalie
    Coach Natalie Administrator, Moderator admin

    @AppuseriOS, thanks for reaching out!

    I'd suggest uninstalling and reinstalling the Quicken Simplifi Mobile App while performing a device reboot in between to see if doing so helps to clear things up for you with FaceID.

    Please let us know how it goes!

    -Coach Natalie

    -Coach Natalie

  • Thanks for your suggestions. I have already tried the following steps with no luck. I noticed FaceID will work if the app is already open and you switch between other apps and switch back to Simplifi. Just doesn’t work when you launch Simplifi when it’s completely closed/exited.

    • Reset phone
    • Reboot phone
    • Uninstall and reinstall app
    • Turn off and on FaceID in phone settings

    Please have someone on your team test this out because it really doesn’t work.

  • Coach Natalie
    Coach Natalie Administrator, Moderator admin

    @AppuseriOS, thanks for giving those steps a try and posting back!

    I don't personally have an iPhone, but I had a coworker take a look at this on their iPhone. They found that the FaceID settings are only for "locking" — do you have FaceID settings for "launching" in your phone?

    -Coach Natalie

    -Coach Natalie

  • SiChi99
    SiChi99 Member

    Hello I am a new Simplifi subscriber and I noticed this issue as well. The faceid setting only applies if the app is already open and then one the user switxhes away and back. It does NOT require immediate faceid/passcode authentication on starting the app which as the original poster mentioned is a HUGE issue. Please please this should be prioritized as it leaves the app vulnerable if someone manages to access the unlocked phone.

  • Coach Natalie
    Coach Natalie Administrator, Moderator admin

    @SiChi99, thanks for posting on this topic!

    To clarify, do you have FaceID settings for "launching" in your phone? If not, it sounds like my last comment stands (FaceID settings are for "locking"), and I'd suggest checking out this existing request instead:

    Please let us know!

    -Coach Natalie

    -Coach Natalie

  • SiChi99
    SiChi99 Member
    edited January 8

    this is the setting I have (and the only one that seems available in the mobile app). With this setting simplify does NOT require faceid or passcode on a fresh launch of the app.

    [edited image to reduce size]

  • Coach Natalie
    Coach Natalie Administrator, Moderator admin

    @SiChi99, thanks for the screenshot!

    Yes, it looks like your FaceID settings are for "locking" and not for "launching", so I'd suggest visiting that request for MFA for the app and following it for updates.

    -Coach Natalie

    -Coach Natalie

  • AppuseriOS
    AppuseriOS Member

    Not sure if it was our complaining or someone at Quicken figured it out. But it looks like the NEW update released TODAY fixed the security concern.

    I installed it and a fresh launch of Simplifi is blocked by FaceID, which is the correct way the security should work.

  • SiChi99
    SiChi99 Member

    yeah confirmed it works now. Good job quicken!

  • Coach Natalie
    Coach Natalie Administrator, Moderator admin

    That's awesome, glad to hear it!

    -Coach Natalie

    -Coach Natalie

  • AppuseriOS
    AppuseriOS Member

    Still somewhat broken.

    The FaceID feature when fresh launching the app is not always 100% working. Meaning, sometimes it will prompt for FaceID, and other times when you fresh launch it will still not check FaceID and take you straight into the Dashboard. I think the developers tried to fix this in the most recent version, but this security is still not 100% working and leaves the app unsecured.

    Please help bring this to the developers attention and fix this.

  • Coach Natalie
    Coach Natalie Administrator, Moderator admin

    @AppuseriOS, thanks for letting us know!

    I'd suggest uninstalling and reinstalling the Quicken Simplifi Mobile App to see if doing so clears things up for you. If you can, maybe try disabling and re-enabling FaceID for the app as well just to refresh everything.

    Let us know how it goes!

    -Coach Natalie

    -Coach Natalie

  • AppuseriOS
    AppuseriOS Member

    Tried your suggestion and there’s no difference. The behavior is still the same. 😞

  • SRC54
    SRC54 Member ✭✭✭✭

    Just chiming in here to say FWIW that I hate FaceID in iPhone. It is hit and miss in most of my apps and the same with unlocking the phone. Finger ID worked so much better. So I never noticed it Simplifi. I have noticed it in other apps though.

    Steve
    Quicken Simplifi (Safari & iOS) Since 2021
    Quicken Classic (MacOS) Since 2009

  • Joe Videoguy
    Joe Videoguy Member
    edited January 22

    I have FaceID and passcode checkmark turned on in mobile app. But the app doesn't seem to check for FaceID. I don't see a way to configure passcode for the app.

    I let the mobile face wall and launch the app. I expect it fail because it is not my face it is facing. But it comes up and shows the dashboard.

    What am I missing here?

    I prefer to configure a passcode for this app different from my phone's app code.

    Is it possible?

  • Coach Natalie
    Coach Natalie Administrator, Moderator admin

    @AppuseriOS, thanks for giving those steps a try and posting back!

    Although the issue could lie with FaceID, we can certainly escalate what you're seeing to try to find out what's going on. To do so, though, we'd need some specific data as follows:

    1. A video of launching Quicken Simplifi and not being prompted for FaceID.
    2. A screenshot of your FaceID settings.
    3. If there's a way to show that FaceID is enabled for the Quicken Simplifi Mobile App specifically, please also provide a screenshot of that.
    4. We'll want to track a few times the issue occurs, as well as a couple of times when FaceID works as expected. I'd say document the date and time of two successful attempts and the date and time of two unsuccessful attempts.
    5. The make, model, and OS of your mobile device.

    Please also submit your logs via the 'Send Feedback' option:

    1. Log into the Quicken Simplifi Web App.
    2. Select Profile from the left-hand navigation bar.
    3. With the Profile menu open, hold down the Option key for Mac or the Alt key for Windows, and then click Send Feedback
    4. Leave all boxes checked, add a brief description of the issue, and then click Send.

    We look forward to your reply!

    -Coach Natalie

    -Coach Natalie

  • Coach Natalie
    Coach Natalie Administrator, Moderator admin
    edited January 23

    @Joe Videoguy, thanks for posting!

    To clarify, are you experiencing the issue that was reported here where FaceID only works when navigating away and then back to the Quicken Simplifi Mobile App, but it doesn't work when launching the App? — [removed link to merged thread]

    As for enabling FaceID for Quicken Simplifi, I don't personally have an iPhone so I'm not sure what to suggest. Is FaceID something that has to be enabled for each individual app? If so, you might need to reference some help content from Apple to see if you can learn how to enable it for Quicken Simplifi.

    I found this link that might help: https://support.apple.com/en-us/HT208109#:~:text=To%20see%20and%20control%20which,in%20to%20the%20app%20first.

    Please let us know so we can best assist!

    -Coach Natalie

    -Coach Natalie

  • Thanks Natalie.

    My issue is same as the one you listed above.

    This makes me wonder how good is the security of your mobile app and your backend.

    Please get this fixed asap.

    Thanks

  • Coach Natalie
    Coach Natalie Administrator, Moderator admin

    @Joe Videoguy, thanks for confirming!

    Although I won't be able to fix the issue, we can certainly do some troubleshooting and then escalate it so it can be reviewed and hopefully fixed by our product team. With that, were you able to take a look at your FaceID settings to see if they're app-specific or anything along those lines?

    -Coach Natalie

    -Coach Natalie

  • I did and I don't see anything different in terms of configuration that could be causing it.

    I also used "Send Feedback" option from dashboard/profile to report the issue.

  • johneylulu_lv
    johneylulu_lv Member
    edited January 26

    I've been experiencing similar issue that the app does NOT require FaceID when launching it, but also asks for FaceID when returning to the app after the app was already opened. Please speak to your engineer team that this is a SERIOUS hug that needed to be fix, considering this is a financial app and extra layer of security is essential. Any bank app has this feature, thus it is very common. My version is 4.17.0.

  • Coach Natalie
    Coach Natalie Administrator, Moderator admin

    Hey everyone, in order to get something like this in front of our product team, we'll need some specific data from everyone:

    1. A video of the behavior.
    2. A screenshot of your FaceID settings.
    3. If there's a way to show that FaceID is enabled for the Quicken Simplifi Mobile App specifically, please also provide a screenshot of that.
    4. We'll want to track a few times the issue occurs, as well as a couple of times when FaceID works as expected. I'd say document the date and time of two successful attempts and the date and time of two unsuccessful attempts.
    5. The make, model, and OS of your mobile device.

    Please also submit your logs via the 'Send Feedback' option:

    1. Log into the Quicken Simplifi Web App.
    2. Select Profile from the left-hand navigation bar.
    3. With the Profile menu open, hold down the Option key for Mac or the Alt key for Windows, and then click Send Feedback
    4. Leave all boxes checked, add a brief description of the issue, and then click Send.

    Thanks!

    -Coach Natalie

    -Coach Natalie

  • gwcali
    gwcali Member

    It couldn't be simpler to reproduce. It's a serious security bug that needs to be fixed properly.

    FaceID settings in the app are: FaceID enabled, automatically lock set to immediately

    Steps to reproduce:

    1. Open the app and authenticate with FaceID
    2. Force-close the app
    3. Within a few seconds, open the app again

    Expected behavior: App opens into the locked state and waits to authenticate with FaceID

    Actual behavior: App just opens without authenticating

    Reproducibility: Every time

    iPhone 15, iOS 17.3

  • SiChi99
    SiChi99 Member

    it really is this simple. As a developer myself this does not need further grooming or any videos or any other evidence. It’s directly observable and reproducible. In a paid app this is an unacceptable security lapse and should be prioritized accordingly.

  • Coach Natalie
    Coach Natalie Administrator, Moderator admin

    Hey everyone, I don't personally have an iPhone, but @Coach Blake does and he's done some testing on this. He found that when FaceID is enabled and set to "Immediately", the Quicken Simplifi Mobile App will use FaceID each time it's launched. Can you all give this a try and let us know how it goes, please?

    Thanks!

    -Coach Natalie

    -Coach Natalie

  • SiChi99
    SiChi99 Member

    Can you have @Coach Blake follow @gwcali ticket please ? It’s clearly laid out on the steps to reproduce the bug. All of our face if settings are set to immediate. It does NOT help. I am quoting the instructions again here

    FaceID settings in the app are: FaceID enabled, automatically lock set to immediately 

    Steps to reproduce:

    1. Open the app and authenticate with FaceID
    2. Force-close the app
    3. Within a few seconds, open the app again

    Expected behavior: App opens into the locked state and waits to authenticate with FaceID

    Actual behavior: App just opens without authenticating

    Reproducibility: Every time

  • This still happens everytime. Quicken app will never ask for Face ID until it has been activated at least once. It then forgets about Face ID after awhile. It’s straight up broken and easily reproducible so not sure why quicken is refusing to acknowledge this is a bug and putting the fault on the user.


  • Coach Natalie
    Coach Natalie Administrator, Moderator admin
    edited February 19

    Hello All,

    It sounds like users in this thread have described varying behavior, such as FaceID sometimes working on launch, FaceID not working at all on launch, etc. In order for these scenarios to be reported as a bug, we need the following data:

    1. A video of the behavior or the steps to reproduce the issue for your individual case.
    2. A screenshot of your FaceID settings.
    3. If there's a way to show that FaceID is enabled for the Quicken Simplifi Mobile App specifically, please also provide a screenshot of that.
    4. We'll want to track a few times the issue occurs, as well as a couple of times when FaceID works as expected. I'd say document the date and time of two successful attempts and the date and time of two unsuccessful attempts.
    5. The make, model, and OS of your mobile device.

    Please also submit your logs via the 'Send Feedback' option on the Web App:

    1. Log into the Quicken Simplifi Web App.
    2. Select Profile from the left-hand navigation bar.
    3. With the Profile menu open, hold down the Option key for Mac or the Alt key for Windows, and then click Send Feedback
    4. Leave all boxes checked, add a brief description of the issue, and then click Send.

    Alternatively, you are all welcome to contact our Support Team directly for more advanced assistance in reporting this: https://help.simplifimoney.com/en/articles/5077917-how-to-contact-support

    Thanks!

    -Coach Natalie

    -Coach Natalie

  • Can't send a Video as it would display my dashboard showing my financial information. Also I don't have a MAC, and an iPhone doesn't have a feedback option, as far as I know. Using iPhone 12 with the latest update. I did do a reinstall of the Quicken Simplifi App to ensure I had the latest update of that as well.


    Procedure I used.

    1. get an iPhone, Install the app, go to my account settings (icon top left corner)
    2. Select Passcode & Face ID
    3. Select Automatically Lock - Immediately (See Pic from member SiChi99 Above)
    4. Close the App, by swiping up from the bottom of the screen.
    5. Open the app. Face ID will work every time as the app was only minimized, and not Closed.
    6. Close the app, by swiping up. (Which minimizes the App).
    7. Swipe up again from the bottom of the screen which will display all currently open apps
    8. Select the Quicken Simplifi app, hold and swipe up. This will Close the app (you can confirm you have exited the App by repeating step 7. the app should no longer be displayed)
    9. Wait 15-30 seconds. without looking at your phone, (or have a friend do it, in order to ensure Face ID does not recognize someone). Open the app.
    10. Repeat step 6 to 10 several times

    From what I have done, 30% of the time Face ID will work, but 70% of the time, the app will open directly to your dashboard, as if the Face ID lock function was not activated/selected.

  • Coach Natalie
    Coach Natalie Administrator, Moderator admin

    @dalain, thanks for the outline!

    What is the latest update for iOS so we can include the OS of your mobile device? For submitting your logs, that is correct that they cannot be submitted via the Quicken Simplifi Mobile App — do you have access to a computer to do so from the Web App at all? If not, it's ok. Also, if you have a video but prefer to keep it private, you can DM it to me here in the Community.

    -Coach Natalie

    -Coach Natalie