Biometric unlock
SuperMail supports biometric app locks on iOS (Face ID / Touch ID) and Android (fingerprint / face unlock where supported).
Enabling biometric lock
Settings → Privacy → Require biometric unlock.
Set the grace period:
- Always - every app open requires biometrics.
- After 1 minute - re-prompt after 60 seconds of inactivity.
- After 15 minutes - re-prompt after 15 minutes of inactivity.
- On launch only - prompt once per cold launch.
What happens if biometrics fail
- A failed biometric prompt drops you to the SuperMail email + password sign-in screen. There’s no in-app retry counter; the OS handles its own retry / fallback behavior on the biometric prompt itself, and once we get a “failed” result we hand off to password.
- No biometrics configured on device - the option is hidden in Settings → Privacy and the app falls through to email + password sign-in as usual.
What’s protected
When the lock engages, the entire app is hidden behind a full-screen lock overlay until you authenticate (biometrics or password). The inbox, reader, composer, and settings are all inaccessible until you’re back in.
What’s not protected
- Past notification history on iOS Notification Center isn’t retroactively blurred; disable “Show previews on lock screen” at the OS level if you need that.
- Spotlight / Quick Search indexing is off by default; no message content is searchable outside the app.
- Background sync continues regardless of lock state (you need sync to run for push to arrive).
Local storage encryption
Independent of the biometric lock, all on-device caches (attachments, cached bodies) are stored in the platform secure enclave:
- iOS: NSFileProtectionComplete - inaccessible until the device is unlocked post-boot.
- Android: Android Keystore-backed encryption for mailbox data.