WhatsApp had recently introduced biometric integration for iOS platform. Users can simply lock their messages using TouchID or Face ID. Once locked no one can access WhatsApp without proper authentication, that’s how the security should works.
A Reddit User, de_X_ter has found a simple bug that easily allows anyone to bypass the lock screen and access Whatsapp messages locked by biometric protection on iPhone. It is essential for users to be aware of such issue in-order to avoid any kind of privacy problems.
According to the Reddit user, the bug works only if the options under Account > Privacy > Screen Lock > Require Face ID or Require Touch ID is not set immediately. There are three more options 1 Minutes, 15 Minutes and 1 Hours.
If users had configured the biometric lock on any of the above three options other than immediately, it is possible to access WhatsApp messages through Whatsapp share. For example, the Reddit users had used a sheet to share on his iOS device that launches the share menu. After selecting WhatsApp it opens without asking Touch ID or Face ID.
To secure your messages go to Account > Privacy > Screen Lock > Require Face ID or Require Touch ID and select option “Immediately” that will ask your biometric verification every time you try to access WhatsApp.
Source: Reddit