iOS 26+ (some users only) Keychain item readable right after save, but missing after app relaunch (errSecItemNotFound -25300)

Hi, I’m seeing a production issue on iOS 26+ that only affects some users.

symptoms:

1. It does NOT happen for all users.
2. It happens for a subset of users on iOS 26+.
3. If we write a value to Keychain and read it immediately in the same session, it succeeds. However, after terminating the app and relaunching, the value appears to be gone: SecItemCopyMatching returns errSecItemNotFound (-25300).

Repro (as observed on affected devices):

1. Launch app (iOS 26+).
2. Save PIN data to Keychain using SecItemAdd (GenericPassword).
3. Immediately read it using SecItemCopyMatching -> success.
4. Terminate the app (swipe up / kill).
5. Relaunch the app and read again using the same service -> returns -25300.

Expected: The Keychain item should persist across app relaunch and remain readable (while the device is unlocked).

Actual: After app relaunch, SecItemCopyMatching returns errSecItemNotFound (-25300) as if the item does not exist.

Implementation details (ObjC): We store a “PIN” item like this (simplified):

• addItem:

  • kSecClass: kSecClassGenericPassword
  • kSecAttrService: <FIXED_STRING>
  • kSecValueData: <Item bytes>
  • kSecAttrAccessControl: SecAccessControlCreateWithFlags(..., kSecAttrAccessibleWhenUnlockedThisDeviceOnly, 0, ...)

• readItem (SecItemCopyMatching):

  • kSecClass: kSecClassGenericPassword
  • kSecAttrService: <FIXED_STRING>
  • kSecReturnData: YES
  • (uses kSecUseOperationPrompt in our async method)

Question: On iOS 26+, is there any known issue or new behavior where a successfully added GenericPassword item could later return errSecItemNotFound after app termination/relaunch for only some users/devices?

What should we check to distinguish:

• OS behavior change/bug vs.
• entitlement/access-group differences (app vs extension, provisioning/team changes),
• device state/policies (MDM, passcode/biometrics changes),
• query attributes we should include to make the item stable across relaunch?

Build / Dev Environment:

• macOS: 15.6.1 (24G90)
• Xcode: 26.2