Earlier this month, Facebook-owned WhatsApp rolled out an update for its iPhone chat app, which included support for biometric authentication using Face ID or Touch ID. Now, it is being reported that the biometric authentication implementation in the app has a bug that allows anyone to get access to WhatsApp without going through Touch ID or Face ID. WhatsApp has confirmed the existence of the bug and the company will soon release a fix for the same.
As spotted by Reddit user de_X_ter, the WhatsApp bug only works when the user has selected the biometric authentication kick-in time to anything except Immediately, with the other options being After 1 minute, After 15 minutes, and After 1 hour. According to the Redditor, the bug activates when anyone tries to use WhatsApp Share Extension in any app. Ideally even when sharing anything on WhatsApp using iOS Share Sheet should trigger Touch ID or Face ID requirement, but it doesn’t when the user has selected anything except Immediately in WhatsApp > Account > Privacy > Screen Lock.