If you use Touch ID to log into applications on your phone, or even your phone itself, then you may have noticed that an increasing number of mobile apps are rolling out support for the popular feature. Or perhaps you have an even newer device that allows you to log into apps with Face ID, or facial recogition software.
There’s a huge security race between major application suppliers at present, as companies continually strive to improve security. And one of the best ways to authenticate a user — considering how easily a PIN can be stolen — is to use biometric security measures. That is, scanning a user’s fingerprint or face to ensure that they are the one using the device or app.
Well, now WhatsApp has jumped onto the bandwagon, introducing Face ID or Touch ID biometric security features to control access to their application. The intention behind this change is to prevent nosy aquaintances from snooping through your message history if you’ve left your mobile phone unlocked.
Unfortunately for WhatsApp — which is set to merge with Facebook Messenger and Instagram — it hasn’t all been plain sailing for this latest security update, as a Reddit user has found a devastating security flaw that renders the update useless.
Bypassing the security feature takes no skill or effort. There’s simply an error in the code that results in the feature not working properly if a particular setting is used. With the update, users can opt to require verification immediately after opening the application, which would mean that Face or Touch ID are required. Alternatively, you can choose to require verification at intervals of an hour, preventing you from authenticating every time you switch out of and back to WhatsApp during regular use.
This is not good news for WhatsApp, which was acquired by Facebook half a decade ago, prior to the acquisition of Instagram. Just last week, we reported on how there would be increased scrutiny on the company ahead of a planned merger of the 3 biggest messaging applications, Facebook Messenger, Intagram and WhatsApp. Although the defect within this software update doesn’t result in any increased risk to personal user information, it’s a pretty big bug in what should be an otherwise simple and easy to test change to the application. Which begs the question, how stringent are the pre-release software tests and checks run by this company?
If you’re currently using WhatsApp, then you might want to wait until this issue is resolved. The company has acknowledged the issue and so we expect that a software fix will soon become available.
In the meantime, if you’d like any help in setting up Touch ID or Face ID for a compatible iPhone model, or would like to check if you can use these security features on your model of iPhone, then get in touch with WiseGuys. In addition to device repairs, we can provide support and advice for any platform, be that iPhone, Android, or otherwise. Call us today on 0808 123 2820.