Earlier February, WhatsApp introduced Face ID and Touch ID authentication for its iOS app to allow users to lock the application using the Face ID facial recognition and Touch ID fingerprint systems.
The security feature can be enabled from Settings -> Account -> Privacy -> Screen Lock menu item. Users can choose the authentication method (Face ID or Touch ID) and set up the interval of time used by the device to lock itself (immediately, after 1 minute, after 15 minutes, or after 1 hour).
A Reddit user discovered that the authentication method chosen by the owner could be bypassed if the duration is not set to “immediately” and the owner is using the Share Sheet in iOS. The Share Sheet allows sharing items or contents through various media like Facebook, Twitter.
Below the step by step procedure to bypass the authentication.
“The latest FaceID and
The good news is that WhatsApp already addressed the bug with the release of the latest version of the iOS app.
(SecurityAffairs – iOS Face ID, authentication bypass flaw)