story-bankid-vipps-authentication-organization-administrator-005
Story Points: 3
Priority: High
Feature: BankID & Vipps Authentication

User Story

As a user
I want to be automatically redirected to BankID or Vipps login if my biometric authentication fails or is unavailable
So that I am never locked out of the app due to biometric failure and can always reach my account through a trusted fallback method

Acceptance Criteria

  • Given a biometric failure (hardware error, too many attempts, or OS-level biometric change), when the Biometric Auth Service receives a failure response, then the Biometric Auth Screen displays a friendly message and a prominent 'Use BankID or Vipps' button
  • Given a user whose biometric credentials are invalidated (e.g., new fingerprint enrolled at OS level), when they attempt biometric login, then the app detects the invalidation, clears the stale biometric token reference, and presents the BankID/Vipps selection screen
  • Given a user who completes BankID or Vipps authentication as a fallback, when the new session is established, then the app offers biometric re-enrollment before navigating to the home screen
  • Given an app reinstallation where Secure Storage is cleared, when the user launches the app, then no biometric prompt appears and the user is directed to the initial BankID/Vipps login flow
  • Given a user on a device where biometrics become unavailable mid-session (e.g., too many failures disabling OS biometrics), when they attempt biometric auth, then the app handles the OS error gracefully without crashing and presents the fallback option within 1 second
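The fallback behaviour these criteria describe, modelled as an added Python example (not code from the app or this story). The BioResult outcomes, screen names, and the Secure Storage / session fields are assumptions; the point it shows is that every non-success outcome fails closed to the BankID/Vipps screen, an invalidated key clears the stale reference, and a platform exception is routed to the fallback instead of crashing.

```python
from dataclasses import dataclass, field
from enum import Enum, auto
from typing import Callable, Optional, Tuple

class BioResult(Enum):
    SUCCESS = auto()
    HARDWARE_ERROR = auto()
    LOCKOUT = auto()          # too many attempts; OS has disabled biometrics
    KEY_INVALIDATED = auto()  # new fingerprint/face enrolled at OS level
    UNAVAILABLE = auto()

FALLBACK_MSG = "Biometric sign-in isn't available right now. Use BankID or Vipps to continue."

@dataclass
class SecureStorage:
    # Reference to the biometric-bound key; never the session itself (assumed layout).
    biometric_token_ref: Optional[str] = None

@dataclass
class AppState:
    storage: SecureStorage = field(default_factory=SecureStorage)
    session: Optional[str] = None

def launch_screen(state: AppState) -> str:
    # Fresh install / cleared Secure Storage: no biometric prompt, straight to BankID/Vipps.
    return "biometric_prompt" if state.storage.biometric_token_ref else "bankid_vipps_login"

def handle_biometric_result(state: AppState, result: BioResult) -> Tuple[str, Optional[str]]:
    """Map an OS biometric outcome to (next_screen, message). Only SUCCESS yields a session."""
    if result is BioResult.SUCCESS:
        state.session = "session-from-biometric"  # constructed placeholder value
        return "home", None
    if result is BioResult.KEY_INVALIDATED:
        state.storage.biometric_token_ref = None  # stale reference must never be retried
    # Every other failure (hardware, lockout, unavailable) falls back; no path bypasses auth.
    return "bankid_vipps_login", FALLBACK_MSG

def safe_biometric_attempt(state: AppState, prompt: Callable[[], BioResult]) -> Tuple[str, Optional[str]]:
    """Wrap the OS prompt so a thrown platform error becomes a fallback, not a crash."""
    try:
        result = prompt()
    except Exception:  # assumption: any platform exception is treated as UNAVAILABLE
        result = BioResult.UNAVAILABLE
    return handle_biometric_result(state, result)

def complete_fallback_auth(state: AppState, provider: str, os_can_enroll: bool) -> str:
    """After BankID/Vipps succeeds, establish the session, then offer re-enrollment before home."""
    state.session = f"session-from-{provider}"  # constructed placeholder value
    return "biometric_reenroll_offer" if os_can_enroll else "home"
```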

Business Value

Authentication fallback resilience is critical for user retention. A peer mentor who cannot log in to register an activity is likely to skip the registration entirely — exactly the underreporting problem the app is built to solve. Graceful fallback ensures users are never blocked from their primary workflow, maintains trust in the app's reliability, and prevents support escalations from users locked out by biometric failures.