System Passcode Detection
One of the key methods of protecting a device is to use a system passcode that prevents unauthorized use of the device.
Malwarelytics for Apple is able to detect whether a system passcode is enabled and when the system passcode configuration changes.
Configuration
There’s no configuration for the feature.
Usage
After service creation, the system passcode detection feature can be accessed via AppProtectionRasp. This can be used to add a delegate or to trigger a manual system passcode detection check.
Observing Detection
The system passcode detection can trigger an action when the passcode configuration changes. To achieve that, a delegate needs to be added.
Delegate configuration:
class RaspDelegate: AppProtectionRaspDelegate {
// other delegate code
func systemPasscodeConfigurationChanged(enabled: Bool) {
// handle system passcode configuration change detection
}
}
The delegate can be added in AppProtectionRasp. When it is no longer needed, it can be removed again.
let raspDelegate = RaspDelegate()
appProtection.rasp.addDelegate(raspDelegate)
appProtection.rasp.removeDelegate(raspDelegate)
Triggering a Manual Check
The system passcode detection check can be triggered manually in AppProtectionRasp by getting the isSystemPasscodeEnabled property value. A simple Bool answer is given.
let isSystemPasscodeEnabled = appProtection.rasp.isSystemPasscodeEnabled
More information on general RASP feature configuration and usage can be found in this overview.