I know we have “Lock app” which is a “gate all” solution.
However, I still believe we should be able to have sensitive actions require immediate fingerprint confirmation (configurable).
Examples:
- Gaining physical access to a house by unlocking the front door
- Disabling the alarm
Where I live, it is common for people to have their phones stolen while unlocked, with the intention of transferring money, committing identity theft, etc. Soon enough someone will realise they can use it to unlock houses. I want to be ahead of the problem.
App Lock can be enabled, but within the session timeout anything is possible. Either you have the app constantly locking, or you are potentially exposed.
I believe we could add one extra type parameter here:
Something like this:
    confirmation:
      text: Are you sure you want to restart?
      type: biometric
      exemptions:
        - user: x9405b8c64ee49bb88c42000e0a9dfa8
        - user: 88bcfbdc39155d16c3b2d09cbf8b0367
Or maybe a boolean require_biometrics to avoid overusing the type field name.
Currently, actions can have confirmation pop-ups. While this isn’t secure, it does prevent accidental presses of sensitive actions. You can also filter the visibility of certain buttons by user, so only you could have access to the “Disable Alarm” button. If only you can unlock your phone, and only you can see the button, then only you can disarm the alarm.
As for the idea of sensitive actions, Home Assistant can’t really know that out-of-the-box for all users, but it could potentially be user-defined.
People are mugging phones while owners are using them (hence unlocked), with the intention of transferring money, committing identity theft, etc. Soon enough someone will find out they can use it to get into houses. I want to be ahead of the problem.
We have Lock App, but it is still not good enough IMHO. Either you have an app that is constantly locking in order to achieve this level of security, or you are exposed.
I believe we could add one extra type parameter here:
Something like this:
    confirmation:
      text: Are you sure you want to restart?
      type: biometric
      exemptions:
        - user: x9405b8c64ee49bb88c42000e0a9dfa8
        - user: 88bcfbdc39155d16c3b2d09cbf8b0367
Or maybe a boolean require_biometrics to avoid overusing the type field name.
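
The proposed `type: biometric` / `require_biometrics` check could be evaluated along these lines. This is an added example, not part of any post in the thread and not Home Assistant code; the `decide` function, the context and proof fields, and the 10-second freshness window are assumptions.

```javascript
// Added illustration, not Home Assistant code. `type: biometric` and
// `require_biometrics` are the keys proposed in the thread (hypothetical).
// MAX_PROOF_AGE_MS and the ctx/proof shapes are assumptions of this sketch.
const MAX_PROOF_AGE_MS = 10000;

// The thread's YAML as a parsed object (constructed sample input).
const restartConfirmation = {
  text: "Are you sure you want to restart?",
  type: "biometric",
  exemptions: [
    { user: "x9405b8c64ee49bb88c42000e0a9dfa8" },
    { user: "88bcfbdc39155d16c3b2d09cbf8b0367" },
  ],
};

// Decide what the client must do before running a tapped action.
//   confirmation: the action's `confirmation:` block, or undefined
//   ctx: { userId, actionId, biometricAvailable, proof, nowMs }
//   proof: { actionId, verifiedAtMs } from a biometric prompt, or null
// Returns "run", "dialog", "prompt_biometric" or "deny".
function decide(confirmation, ctx) {
  if (!confirmation) return "run";
  const exemptions = confirmation.exemptions || [];
  if (exemptions.some((e) => e.user === ctx.userId)) return "run";

  const wantsBiometric =
    confirmation.type === "biometric" || confirmation.require_biometrics === true;
  if (!wantsBiometric) {
    // A plain confirmation has no type; an unrecognised type (for example a
    // typo of "biometric") fails closed rather than downgrading to a dialog.
    return confirmation.type === undefined ? "dialog" : "deny";
  }
  // A device that cannot verify a fingerprint gets no weaker fallback.
  if (!ctx.biometricAvailable) return "deny";

  // The proof must be for this action and recent. An app unlock from earlier
  // in the session does not count, which is the gap described in the thread.
  const p = ctx.proof;
  const age = p ? ctx.nowMs - p.verifiedAtMs : -1;
  const fresh = Boolean(p) && p.actionId === ctx.actionId &&
    age >= 0 && age <= MAX_PROOF_AGE_MS;
  return fresh ? "run" : "prompt_biometric";
}
```

This decision runs in the client, so like the existing confirmation pop-up it gates the button, not the underlying service call.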