App Lock interfering with MS Auth app.

[DDWW 0]

ESET App Lock Interfering with MS Auth App

Older versions of Microsoft Authenticator did not have frontend access protection and I had been using ESET's App Lock feature to harden its security against its access.

Those security features have long since become available by the authentication app itself, creating a needless double-auth (fingerprint) when I open the authenticator, and so, I have removed the ESET App Lock from the authenticator, but it's creating a secondary issue:

My existing ESET App Lock feature to block access to Android Settings is invoking the ESET App Lock to prompt while running the internal biometrics routine that allows access to Microsoft Authenticator, even though App Lock itself is no longer applied to the authenticator app.

It effectively attempts to create a similar double-auth issue, but ESET App Lock fails to authenticate the fingerprint provided, and prompts for a PIN number, thus now creating a still-unwanted, but partially broken ESET security prompt that requires unwanted manual PIN input to bridge access between Settings (and native biometrics) and the built-in authenticator's unlock feature.

The only way I can get the authenticator app to run and prompt with only one biometrics prompt and access the app immediately is to remove App Lock from Android Settings, but then leaves access to settings open for manipulation.

As far I can tell, there is no native security against access to Android Settings once the phone is unlocked, and Settings is actually a "Suggested app" by ESET App lock. Although security policies prevent screenshots of the first fingerprint prompt, I have attached screenshots of the resulting failure to PIN Request and the authenticator's lock screen.

The flow appears to be as follows for the 3 possible configurations:

1) ESET App Lock ON Settings / ON Authenticator:

- Authenticator > ESET App Lock > Biometrics > Authenticator > Biometrics > Access

2) ESET App Lock ON Settings /  OFF Authenticator:

- Authenticator > ESET App Lock > Biometrics Failed > PIN Requested > Authenticator > Biometrics  > Access

3) ESET App Lock OFF Settings / OFF Authenticator:

- Authenticator > Biometrics > Access

I obviously want access to Microsoft Authenticator to flow like option 3), while in the configuration of option 2).

 

[Marcos 5,070]

Please open a support ticket using the built-in form and let logs to be submitted to ESET.