WhatsApp has added an important security feature to make logging into WhatsApp Web more secure. For those who don’t know, WhatsApp Web lets chat app users send and receive text messages, images, and documents from their web browser – allowing them to keep in touch without constantly reaching into their pocket for their smartphone.
Until now, anyone with access to WhatsApp could sign-in to WhatsApp Web using the QR code scanner built into the chat app on Android and iOS. However, parent company Facebook has tightened up security with its latest update to the world’s most popular chat app, which boasts more 2 billion users globally. Following the update, WhatsApp users will need to confirm their identity using the built-in biometric authentication features included with their handset, these usually take the form of a fingerprint or face scanner.
Once WhatsApp is able to verify that it’s really you, it will unlock the QR scanner, which allows anyone to bring their text messages to a web browser by visiting web.whatsapp.com.
Interestingly, this isn’t an optional new feature. Instead, once you’ve updated to the latest software version on Android or iOS, WhatsApp will enable this extra security step by default. This makes a certain amount of sense. After all, once you’re logged into WhatsApp Web, it’s possible to trawl back through your entire chat history, search for specific mention of words or names, and download pictures and videos from your conversations. That’s a lot of personal data. So, by verifying that it’s definitely you requesting access, WhatsApp should be able to stop pranksters and bad actors from accessing every message you’ve ever sent in WhatsApp in their Chrome, Safari or Microsoft Edge web browser.
Worried WhatsApp shares data with Facebook? Messenger is so much worse
The latest update is likely to make a number of unofficial third-party WhatsApp clients, like those available for macOS, Windows and iPad, more painful to use. That’s because these aren’t native applications designed for the platforms they’re running on. Since WhatsApp is tied to your phone number and SIM card, it’s not possible to be logged in to multiple apps at once – like you’re able to do with the likes of Signal, iMessage, and Messenger. Instead, these apps are merely wrappers that access WhatsApp Web, which requires your smartphone to be turned on to work.
Whether the new security feature will require users to keep scanning their fingertips and faces to stay logged in to these unofficial WhatsApp apps remains to be seen.
As an extra security measure, WhatsApp will now send a notification to your iPhone or Android chat app whenever somebody logs into your account on WhatsApp Web or using one of these computer apps (WhatsApp itself makes one of these WhatsApp Web wrappers, which is available for free on the Mac App Store). If someone you don’t recognise has logged into your account using WhatsApp Web, the mobile apps lets you log-out any web browser with a single tap.