News has reported that there is a way found to bypass WhatsApp’s Face or Touch ID security locks. Earlier this year these biometric security actions were introduced, but appear to be comparatively easy to ignore.
At the beginning of this month, Facebook-owned WhatsApp set out an update for its iPhone chat app, which incorporated support for biometric authentication using Face ID or Touch ID. Now, according to a recently reported the biometric authentication implementation in the app has a bug that is allowing access to anyone to WhatsApp without going through Touch ID or Face ID. WhatsApp has confirmed the existence of the bug and the company will soon announce a solution for this.
As Reddit user discovered the de_X_ter, the WhatsApp bug which only works if the user has activated the biometric authentication kick-in time to anything rather than Immediately, with some of the other options being After 1 minute, After 15 minutes, and After 1 hour. According to the Redditor, the bug gets active when anyone tries to use WhatsApp Share Extension in any app. Preferably even when sharing anything on WhatsApp using iOS Share Sheet should trigger Touch ID or Face ID requirement, but it doesn’t when the user has selected anything except Immediately in WhatsApp > Account > Privacy > Screen Lock.
WhatsApp doesn’t have a similar biometric authentication feature for Android, so the bug did not affect Android users.
WhatsApp has rolled out an update for its iPhone app to fix the recently exposed bug. The version number 2.19.22, which is the updated WhatsApp for iPhone is now live in App Store and it is not compulsory that you immediately update the app. As WhatsApp hasn’t shared any updated changelog in the App Store, it isn’t sure if the update brings any other features, bug fixes or improvements.