WhatsApp just added key security feature — what you need to know

WhatsApp desktop
(Image credit: Shutterstock)

WhatsApp has been getting a lot of flak for privacy-related reasons recently, with many users leaving the service for other encrypted messaging apps, but a brand-new feature should help secure your account if you use WhatsApp Web.

Yesterday (Jan. 28), WhatsApp announced on its Facebook and Twitter feeds that it was adding biometric user authentication to its desktop applications and web interface, adding a new layer of security.

Biometric security has been an optional feature on WhatsApp for some time now (it's not on by default), but this is the first time that users have been able to secure the link between their phones and WhatsApp’s desktop app. 

It doesn’t matter which method of biometric authentication you prefer, be it fingerprint, face, or Samsung’s aging iris scanner. WhatsApp Web will support them all.

Judging from the instructions WhatsApp has posted on its blog, the process isn’t that different from how you already set up WhatsApp Web. The steps are the same, but now you’re prompted to authenticate your identity by using your phone’s biometric login before the WhatsApp app on your phone can read the QR code on your desktop screen to activate the link. 

Of course, you will need to set up biometric authentication on your phone first.

WhatsApp promises that the feature is already live, but it doesn’t seem to be live for everyone yet. We didn’t get the prompt when testing the feature for ourselves, even after we activated fingerprint lock in WhatsApp’s settings. So be patient while it rolls out to you.

Why this new WhatsApp feature matters

In the grand scheme of things this seems like a fairly small feature to add, particularly when we know video and voice calls are coming to WhatsApp Web in the near future

That said, there’s no such thing as too much security, and when you’re setting up a wireless link to see your private conversations on another device, you’re going to want to make sure everything is locked up tight.

But we feel that more could be done. WhatsApp Web stays logged in by default, meaning anyone could go and access your conversations on your desktop machine — regardless of whether they have your phone or not. 

It couldn’t hurt to verify users with their biometrics each time they open up a WhatsApp web tab, or at least give them the option.

It's already too easy to hijack someone else's WhatsApp account if you can look at their phone for just a few seconds, as a security researcher demonstrated last year and which scammers subsequently carried out. (You can set an account PIN to prevent this, as detailed in the first link in this paragraph.)

In the meantime, if this still isn't enough to keep your tethered to WhatsApp, be sure to check out the best WhatsApp alternatives for all your Facebook-free communication needs.

Tom Pritchard
UK Phones Editor

Tom is the Tom's Guide's UK Phones Editor, tackling the latest smartphone news and vocally expressing his opinions about upcoming features or changes. It's long way from his days as editor of Gizmodo UK, when pretty much everything was on the table. He’s usually found trying to squeeze another giant Lego set onto the shelf, draining very large cups of coffee, or complaining about how terrible his Smart TV is.