One thing that passed me by was the functionality offered by the UserConsentVerifier class on Windows 10.

I think the docs are a bit misleading here because they say that this class;

“Checks for availability of a biometric (fingerprint) verifier device and performs a biometric verification.”

and I’m not sure whether that’s quite right on Windows 10 and if I look at the doc for the RequestVerificationAsync method then it says that what it does is;

|Performs a fingerprint (biometric) verification.|

Which doesn’t really seem right to the results that I see if if I run this code which uses the API on my Surface Pro 3;

      var result = await UserConsentVerifier.CheckAvailabilityAsync();

      if (result == UserConsentVerifierAvailability.Available)
      {
        var verifiedResult = await UserConsentVerifier.RequestVerificationAsync(
          "Just checking that you are really you :-)");

        if (verifiedResult == UserConsentVerificationResult.Verified)
        {
          // we're ok.
        }
      }

then, without any kind of biometric authentication mechanism, this code asks me to verify my PIN on my device to, effectively, ensure that it’s me who’s currently sitting in front of my the device;

In this case the API asks me to say ‘Hello’ to my PC using the PIN number that I’ve set up which is, clearly, not a biometric authentication mechanism but if I get the PIN number correct then that will satisfy the API’s requirements.

If I run this on my 950XL phone then it offers me both a biometric option (iris scanner) and a PIN option. I haven’t tried but I assume that if I plugged a RealSense or Kinect camera into my Surface Pro 3 then facial identification would become an option there.

So…a simple API to request that the logged in user can authenticate themselves to the system at a point in time where your app needs them and that’s not specifically tied to biometric mechanisms.