I want to store sensitive data in an iPhone application but also have it be unlock-able via touch ID. I've thought of some options, none of which fully accomplish my goals and would like some advice on implementation.
Password protect app and encrypt data - Store only data encrypted with the user's password. Ask for password every time when decrypting to view data. I don't see how Touch ID would work in this scenario. It is secure but a pain to enter in password every time.
Password protect app only - Store raw data and only allow access if the user supplies the correct password / touch ID. This accomplishes the user experience I want but is that poor practice? Will Apple ultimately reject this method because the sensitive data is not encrypted? Keep in mind I am only storing data locally, there is no cloud/web server.
Scenario 1 with cache - The user enters in their password once a day, data is fetched, decrypted and then cached. The user need only authenticate the app while the decrypted data remains in cache. Clear cache if application is closed or a time limit is reached.
What does everyone think?
You have a few options.
Assume the user has their passcode enabled, and know that that means the DB is encrypted when the device is locked. For some cases, this is enough.
Encrypt the Core Data using Encrypted Core Data. FYI, this does work, but it has lots of limitations and bugs. We used it in an enterprise app and I regret using it.
Move away from Core Data to SQLite with SQLCipher. This is what I prefer now.
Bear in mind that you still have to deal with the DB key if you do per-app encryption. You can do this in a number of ways.