Thanks for you reply. That makes sense. I want to prevent having the biometric authentication permission popup show up to our users as we are not actually using biometrics to authenticate. From what I understand, including the privacy string will not trigger the popup, but rather the usage of evaluatePolicy will. If this is the case, there are no downsides to including the privacy string on my end.

Bug fix request: https://feedbackassistant.apple.com/feedback/18413626

Hi Kevin, thank you for your thorough answer. I changed the bundle ID of my app that I am testing and retested on the iPhone 15 iOS 18.5 and it still did not crash. I went ahead and also tested the app (with the new bundle ID) on the iPhone 15 iOS 18.3.2 and it crashed. Please advise for next steps, thank you!

So it looks like the difference in behavior is due to the difference in iOS version. The reason I am trying to get to the bottom of this is because we are trying to make our testing process more robust. Would we need to test on every iOS version that we support to ensure that our application works as intended on all versions? Since it seems like we are getting different behavior based on the iOS version that is running.

I did some additional testing with the same ipa file and got the following results: iPhone 15 iOS 18.5 - didn't crash iPhone 13 iOS 18.5 - didn't crash iPhone 15 iOS 18.3.2 - crashed iPhone 13 iOS 18.3.2 - crashed

Copy of comment below.

Copy of comment below.

Hmm we are using the same ipa file to test on both devices though. Thank you for the information regarding the privacy string when using CBCentralManager. Do you have insight into whether a privacy string is needed for using LAContext's canEvaluatePolicy function? From testing, it looks like a privacy declaration is only needed when using LAContext's evaluatePolicy which would actually authenticate the user.

Do you have more information on unsupported techniques? Even if it will fail for a small subset of my users