WhatsApp Beta Demos Fingerprint Authentication for Web Sessions

  • WhatsApp may soon introduce fingerprint authentication for the creation of Web Sessions.
  • While this is a privacy and security-enhancing feature, it could compromise high-level targets.
  • For regular users, it will be a far more convenient and quicker way to authenticate on the platform.

People who love to look deep into the code of beta APK versions to uncover any upcoming features have spotted something interesting on WhatsApp 2.20.200.10. Apparently, the popular chat app is readying a fingerprint-based authentication for the creation of a new Web Session. That could replace the current system that requires the scanning of a QR code from the smartphone that runs the app, which is admittedly somewhat disruptive as a process. Scanning your fingerprint would be a lot quicker and a million times more convenient. But what about security?

Fingerprint_WAWEBSession_Android
Source: wabetainfo.com

The scanning of the QR code is surely a secure step because it presupposes a couple of things that are linked to the user. One cannot prompt the app to scan a QR code, or fake it, or bypass this process very easily. Fingerprint scanning, on the other side, is not as secure because fingerprints can be stolen.

Even if that doesn’t happen, fingerprint scanners on many smartphone models aren’t very accurate or very hard to fool. This sounds implausible, but the capacity of people to hack fingerprint sensors has been demonstrated repeatedly, even on the most recent sensor tech.

Of course, we cannot forget that this method of authentication is actually meant to serve as a privacy feature, as someone holding your phone won’t be able to start a web session on WhatsApp. Additionally, one can rightfully argue that no sophisticated hackers have a reason to put in the time and effort required to steal their fingerprints, and that would be true for the majority.

However, WhatsApp is used by people who exchange sensitive communications, is an end-to-end encryption platform, and actually cares about user’s privacy and security. If one was to hijack the account access and create a new Web Session, they could fetch the entire chat history through syncing.

This report doesn’t necessarily mean that the new feature will land on the next WhatsApp version, or that it’ll ever land at all. Sometimes, code snippets appear on beta stages, but the testing doesn’t go too well, and things get strapped, postponed, or left there for future consideration. Another thing that appeared on the scrutinized beta version of WhatsApp are fixes for the “Recently Used Emojis”, which is something that people have been eagerly waiting for.

REVIEW OVERVIEW

Recent Articles

‘SK Hynix’ Bought Intel’s NAND Division for $9 Billion

Intel sold its NAND business to the South Korean ‘SK Hynix’ for $9 billion.The Americans will keep its Optane tech and will...

Pirate IPTV Service Sellers Who Faced $24 Million Lawsuit Are Back in Business

DISH has sued four men from the UAE who are reselling “Advanced TV Network” services in the US.The broadcasting giant has identified...

Hackers Took Over Telegram Accounts in Israel Through SS7 Attacks

Actors who knew how to exploit SS7 communication network flaws took over email and IM accounts.The targets are high-ranking individuals who are...