Earlier this month, Facebook-owned WhatsApp rolled out an update for its iPhone chat app that added support for biometric authentication using Face ID or Touch ID. Now, it is being reported that the app's biometric authentication implementation has a bug that allows anyone to access WhatsApp without going through Touch ID or Face ID. WhatsApp has confirmed the existence of the bug and the company will soon release a fix.
As spotted by Reddit user de_X_ter, the WhatsApp bug only works when the user has set the biometric authentication kick-in time to anything except Immediately; the other options are After 1 minute, After 15 minutes, and After 1 hour. According to the Redditor, the bug is triggered when anyone uses the WhatsApp Share Extension from any app. Ideally, sharing anything to WhatsApp through the iOS Share Sheet should also trigger the Touch ID or Face ID requirement, but it doesn't when the user has selected anything except Immediately in WhatsApp > Account > Privacy > Screen Lock.
Also, if one jumps to the home screen from the iOS Share screen, they can open WhatsApp without any interference from Touch ID or Face ID. It doesn't matter if you are way past the 1-minute, 15-minute, or 1-hour mark, which is set in WhatsApp Screen Lock. This is a weird bug but it completely bypasses screen lock in WhatsApp, rendering the whole biometric authentication useless. It is unclear if it is an issue with WhatsApp's implementation or an inherent bug in iOS.
Gadgets 360 was able to confirm the existence of the bug on two iPhone units, one with Touch ID and the other with Face ID.
“We are aware of the issue and a fix will be available shortly. In the meantime, we recommend that people set the screen lock option to immediately,” a WhatsApp spokesperson told Gadgets 360.
As WhatsApp notes, if you want to use biometric authentication in WhatsApp on iPhone, set the screen lock kick-in time to Immediately. Any other option will leave your WhatsApp vulnerable to the bug. WhatsApp for Android doesn't include a similar feature right now.
