forcedotcom / SalesforceMobileSDK-Android

Android SDK for Salesforce

The ScreenLock activity is not always displayed

sidrabasit opened this issue · comments

Please fill out the following details:

  1. Version of Mobile SDK Used: 10.2.0
  2. Issue found in Native App or Hybrid App: Android
  3. OS Version: 12
  4. Device: Samsung Note20
  5. Steps to reproduce:
    a. User opens the app and performs login
    b. ScreenLock activity is displayed
    c. User cancels the authentication and closes the app
    d. User opens the app and repeats step c
    e. User opens the app again; the ScreenLock activity is not displayed. Instead, it redirects into the app without authenticating
  6. Actual behavior: ScreenLock activity isn't always displayed
  7. Expected Behavior: For authenticating the user, the ScreenLock activity should be displayed
  8. Error Log:

Hi @sidrabasit is there anything else you can share about this? Any errors or exceptions thrown? Logs? I am not able to reproduce this on physical devices or emulators.

Hi,
We found another scenario. Please find the steps below:

  1. Remove all fingerprints from the device settings
  2. Log in again to the app immediately; the app does not ask the user for the device passcode
    Even after logging out and logging in again, the device passcode is not asked for.

Logs:
W Error during decryption
javax.crypto.AEADBadTagException: error:1e000065:Cipher functions:OPENSSL_internal:BAD_DECRYPT
at java.lang.reflect.Constructor.newInstance0(Native Method)
at java.lang.reflect.Constructor.newInstance(Constructor.java:343)
at com.android.org.conscrypt.OpenSSLAeadCipher.throwAEADBadTagExceptionIfAvailable(OpenSSLAeadCipher.java:320)
at com.android.org.conscrypt.OpenSSLAeadCipher.doFinalInternal(OpenSSLAeadCipher.java:371)
at com.android.org.conscrypt.OpenSSLCipher.engineDoFinal(OpenSSLCipher.java:374)
at javax.crypto.Cipher.doFinal(Cipher.java:2114)
at com.salesforce.androidsdk.analytics.security.Encryptor.decrypt(Encryptor.java:573)
at com.salesforce.androidsdk.analytics.security.Encryptor.decrypt(Encryptor.java:182)
at com.salesforce.androidsdk.analytics.security.Encryptor.decrypt(Encryptor.java:156)
at com.salesforce.androidsdk.analytics.security.Encryptor.decrypt(Encryptor.java:130)
at com.salesforce.androidsdk.app.SalesforceSDKManager.decrypt(SalesforceSDKManager.java:1084)
at com.salesforce.androidsdk.accounts.UserAccountManager.buildUserAccount(UserAccountManager.java:410)
at com.salesforce.androidsdk.accounts.UserAccountManager.getAuthenticatedUsers(UserAccountManager.java:251)
at com.salesforce.androidsdk.ui.OAuthWebviewHelper.logAddAccount(OAuthWebviewHelper.java:729)
at com.salesforce.androidsdk.ui.OAuthWebviewHelper.access$700(OAuthWebviewHelper.java:105)
at com.salesforce.androidsdk.ui.OAuthWebviewHelper$2.run(OAuthWebviewHelper.java:716)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1137)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:637)
at java.lang.Thread.run(Thread.java:1012)

Is there any workaround for this issue?

Hello @sidrabasit, @rahulrkrish91 and apologies for the delay but I did not want to rush this.

What I concluded pretty early on is that the ScreenLock activity not displaying is merely a side effect of the real issue: the decryption error. I have one device that I can occasionally get into this failed decryption state and many others that I cannot. Unfortunately, debugging this ends when the decryption error is spit out of a proprietary code blob I cannot step through or inspect. Since there is no way to mitigate a failed decryption, this is a dead end.

A coworker reached out to a contact they have at Google and this seems to be a known hardware-related issue with some devices. They are of the opinion that it is not widespread enough to bother investigating a fix. If you believe this is a widespread issue, you are welcome to take it up with them, but we simply do not have the bandwidth to lean on anyone to get this fixed.

If I had discovered any kind of mitigation or workaround, that might change things, but as it stands this issue seems to be entirely unrelated to the Salesforce Mobile SDK.
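
Added example, not code from the Salesforce Mobile SDK or from anyone in this thread: the stack trace above ends in `AEADBadTagException` from `Cipher.doFinal`, which standard JCA AES-GCM throws whenever the key or ciphertext no longer matches what was encrypted. The class name, the `lockRequired` check and the `lock=on` flag are hypothetical; they illustrate a caller that treats unreadable protected state as "lock required" rather than "no lock configured".

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;

public class FailClosedLockCheck {
    static final int TAG_BITS = 128;

    static byte[] encrypt(SecretKey key, byte[] iv, byte[] plain) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        return c.doFinal(plain);
    }

    static byte[] decrypt(SecretKey key, byte[] iv, byte[] ct) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        // GCM verifies the tag here; a wrong key or altered data throws AEADBadTagException.
        return c.doFinal(ct);
    }

    // Hypothetical policy check: the lock is skipped only when the stored flag
    // decrypts cleanly AND explicitly says the lock is off.
    static boolean lockRequired(SecretKey key, byte[] iv, byte[] storedFlag) {
        try {
            String flag = new String(decrypt(key, iv, storedFlag), StandardCharsets.UTF_8);
            return !"lock=off".equals(flag);
        } catch (GeneralSecurityException e) {
            // AEADBadTagException is a GeneralSecurityException: fail closed.
            return true;
        }
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey original = kg.generateKey();
        SecretKey replaced = kg.generateKey(); // constructed stand-in for a key that no longer matches
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        byte[] stored = encrypt(original, iv, "lock=on".getBytes(StandardCharsets.UTF_8));

        System.out.println("matching key, lock required: " + lockRequired(original, iv, stored));
        System.out.println("mismatched key, lock required: " + lockRequired(replaced, iv, stored));
    }
}
```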