- WhatsApp allows users to connect their mobile phone to its web and desktop applications using biometrics.
- This means you can now log in using face, fingerprint or iris scans, depending on your device.
- WhatsApp said all the data is processed by the operating system of a phone, and therefore it sees nothing of it.
- Visit Business Insider’s homepage for more stories.
WhatsApp adds features to its web app to let users sign in by scanning their face, thumbprint or eye.
WhatsApp announced the new feature on Thursday, which it describes as an added layer of security for its WhatsApp Web and Desktop services.
At the moment, users of WhatsApp Web or Desktop need to link it to their phone account by scanning a QR code. This new feature will add biometric logging to compatible devices as an optional extra security layer.
WhatsApp said on Apple devices with iOS14 users will be able to use Touch ID or Face ID. Android phones can use Face Unlock, Fingerprint Unlock or Iris Unlock.
The announcement comes at a sensitive moment for WhatsApp, which is still stemming from a major setback to users’ privacy over a new set of terms and conditions it sent out earlier this month.
“WhatsApp does not see your face or fingerprint data,” the company said in a statement announcing the new biometric login feature. In a frequently asked question, the company says, because the user’s device handles the biometric information, WhatsApp does not have access to the data.
“The verification is handled by your device’s operating system using the biometrics stored there. WhatsApp does not have access to the biometric information stored by your device’s operating system,” he said.
“If they use the default APIs [Application Programming Interfaces] for biometrics, it can all be done in a way that should not raise red flags, ‘Eerke Boiten, a professor of cyber security at De Montfort University, told Insider.
“The best practice is in an analyzed and then encrypted form (meaning it can not be inverted) and stored on the user’s device, and I expect all standard biometric APIs on phones to do just that. “WhatsApp intrusion between the phone and WhatsApp Web is then essential, because the phone does not contain the registered biometric image that is being checked, not some central server,” he added.
Dr Catherine Flick, a computer scientist and privacy expert from De Montfort, agrees with Boiten that the announcement did not sound an alarm.
“If it’s the built – in face / etc recognition, it’s fine and standard with the phone operating systems (and it’s good to have as a second level of privacy, even if your phone is unlocked),” she said.
The addition of biometric scanning is not the last feature WhatsApp plans to add this year, as it told TechCrunch it plans to expand with more features for WhatsApp web and PC.