It'd be great to choose between the two possible evaluatePolicy options when calling verifyIdentity.

Right now, with verifyIdentity only using deviceOwnerAuthentication, it'd be great to have the option to use deviceOwnerAuthenticationWithBiometrics instead.

So in the verifyIdentity payload, an option key could be something like useFallback which if set to false, would evaluate only with Biometrics, but if left empty or set to true, it would also prompt the user to enter their passcode.

Having flexibility on this would a nice improvement, as this is not ideal in all user auth flows.