WhatsApp Web and Desktop now require biometric authentication before device linking
WhatsApp is adding an extra layer of security for logging into WhatsApp Web and desktop app. The next time you link your WhatsApp account to your web browser or desktop, you’ll be asked to authenticate the login request using your enrolled fingerprint or face data present on your phone.
Before this change, logging into WhatsApp web was as simple as scanning a QR code using your smartphone camera. Although this was convenient, it also left the door open for potential privacy breaches as anyone with access to your smartphone could just scan the QR code in a web browser and gain access to your chats. In this context, the addition of an extra layer of authentication is indeed a welcome move. WhatsApp notes that the authentication process is handled by the respective operating systems’ biometric APIs and that it can’t access or see your biometric data stored on your phone.
Today we’re starting to roll out a new security feature for WhatsApp Web and Desktop: face and fingerprint unlock when linking devices.
WhatsApp does not see your face or fingerprint data.
— WhatsApp (@WhatsApp) January 28, 2021
The biometric authentication feature is rolling out to both Android and iOS users. The feature will be enabled by default on Android devices with biometric authentication support and on iPhone devices running iOS 14 and above and can’t be turned off. If you want to disable the feature, you’ll need to remove biometric authentication methods from your phone altogether.
The biometric authentication option doesn’t seem to be available for everyone just yet. At the time of writing this article, the feature wasn’t available on my Android phone running WhatsApp Beta 220.127.116.11. If we are allowed to presume, this change could be in preparation for eventual multi-device support.