WhatsApp promises fix for trick to bypass screen saver in iOS appapp

Spread the love

WhatsApp has promised a fix for a trick to bypass Face ID or Touch ID security in its iOS app. As a result, malicious parties can read chats, even though the app asks for authentication at startup.

WhatsApp will soon release the fix that makes the trick impossible, Reuters news agency writes. In the meantime, an employee of the chat app advises users to set the screen saver to ‘immediate’, which means that the trick does not work. It is unknown when the fix will be released.

The trick works with the new feature to lock WhatsApp. Users can set in the Privacy settings to require authentication via Touch ID or Face ID to open the app. The trick, which a user posted on Reddit, requires a user to share something via WhatsApp from another app, such as a photo. When sharing, WhatsApp does not ask for authentication. WhatsApp then remains unlocked, allowing malicious parties to open the app from the home screen.

It’s a low-risk trick in practice. In order to read chats, attackers must already have the unlocked phone. In addition, the screensaver timer trick works in WhatsApp. Even on an unlocked phone, WhatsApp is locked again after up to an hour.

You might also like