- WhatsApp on iPhones got the biometric app lock feature earlier this month
- The feature now exposes a bug when a setting is changed
- The bug bypasses the security lock for the app, thereby inviting unauthorised access
You probably know that WhatsApp got a biometric app lock feature on iPhones earlier this month, which means a user must use Touch ID or Face ID to access the app when the security feature is enabled. A new bug spotted by a Reddit user apparently allows the user to bypass the app lock while sharing media from another app after changing the screen lock settings for the app.
According to Reddit user de_X_ter, the bug shows itself when an option other than “Immediately” is selected from WhatsApp’s screen lock settings. This options list can be found inside Settings > WhatsApp Settings > Account > Privacy > Screen Lock when either “Require Touch ID” or “Require Face ID” is enabled. According to the Redditor, the bug can be replicated by following the following steps: “Get to the iOS Share Sheet through any method. Click on the WhatsApp icon in the iOS Share Sheet.” This could be from any app like Google Photos.
"Immediately" is the recommended option to avoid facing the bug
Going on to explain the replication steps, the Redditor writes, “While transitioning to the next screen, you observe that no FaceID or Touch ID verification takes place if an option other than ‘Immediately’ was set previously. Now just exit out to the iOS Home Screen. (If in some cases, it asks for FaceID or Touch ID verification, just cancel it and try clicking on WhatsApp icon in the iOS Share Sheet again). Try to open WhatsApp and voila, it simply lets you inside WhatsApp without FaceID or Touch ID verification.”
This bug may not affect you if you haven’t changed the activation time in the screen lock settings for WhatsApp. If you think you have, it’s best to return to the WhatsApp Screen Lock Settings screen and select “Immediately” to avoid facing the bug. WhatsApp is yet to send out a fix for this new bug. The Facebook-owned company is also yet to introduce the biometric app lock feature in WhatsApp for Android.